cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

1025
Views
0
Helpful
1
Replies
Highlighted
Beginner

Selectively prevent content rewrite

Is is possible to tell the ASA to NOT rewrite certain things, like public internet links, javascript libraries, and certain other code or links?

When I am accessing our intranet through the SSL VPN, and I click on an external link, when I go to that site, their pages are being rewritten by the VPN.  That seems incorrect.  There is no reason for me to go through the VPN to get to a site I can get to from home.

I'm tracing all sorts of strange JavaScript errors that seem to be attributable to the ASA rewriting code within my JavaScript.  I understand this is sometimes necessary, but I would like to know if it is possible to prevent it when I know it is safe to do so.

Thank you.

Everyone's tags (2)
1 REPLY 1
Cisco Employee

Re: Selectively prevent content rewrite

Don,

Yes it is possible, BUT, it's not trivial and more often than not your first few tries will break something.

The feature is called APCF:

http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/webvpn.html#wp1046693

That being said, I would highly recommend using smart-tunneling of bookrmakrs whenever possible instead of using APCF if ASA's rewrite engine breaks something.

Marcin

just in case newer documentation:

http://www.cisco.com/en/US/docs/security/asa/asa83/configuration/guide/webvpn.html

and an example of APCF (to stop rewrite of everything aspx) (UNTESTED!)


1.0

  Do not rewrite
 
    
        
           *.aspx*