
Browser proxy configuration for ASA

v-naughton
Level 1

We have migrated from using a VPN concentrator to an ASA box because the concentrator would not store the 4096-bit key of the root CA. The ASA does not need to have the full chain (trustpoints), so we are successful using the ASA for remote access VPNs.

Unfortunately the concentrator had a nice feature for proxy settings, see below....

http://www.cisco.com/en/US/customer/products/sw/secursw/ps2308/prod_release_note09186a00802d398a.html#wp1392666

Browser Proxy Configuration

Browser proxy configuration is ONLY available using the Release 4.1.6 VPN Concentrator code.

During mode config, the VPN Client negotiates a new mode config attribute to determine whether to change the value of a user's browser proxy setting. The VPN Client administrator controls the setting of the attribute through a parameter in the PCF file. This feature is being implemented for Windows (all platforms) only and for Internet Explorer only.

You can configure the VPN Concentrator to push proxy configuration settings into Microsoft Internet Explorer when Windows clients connect to it. The settings are on the Client Config tab of Group configuration. You can configure the VPN Concentrator to not modify proxy settings ("Do not modify proxy settings"), to push settings to disable existing proxy configuration ("No Proxy Settings"), to push settings to auto-detect a proxy ("Auto-Detect Proxy settings"), and to push explicit proxy settings ("Use Proxy Server/Port listed below").

With the "Use Proxy Server/Port listed below" setting, you can push a proxy server address, a proxy exception list, and whether the browser will exclude the proxy for local addresses.

After disconnecting, proxy settings are restored to what they were before the VPN connection was established. If a workstation is improperly shut down or rebooted while a VPN connection is established, proxy settings will be restored on boot-up.

Is there a workaround we can use? (We can get end users to manually enter the proxy etc. etc., but asking end users to do anything is problematic; also, it is company policy to tunnel everything when the VPN is up.) Any ideas appreciated....

Thanks,

Vincent

2 Replies

wong34539
Level 6

To my knowledge, we are not able to configure the proxy setting on the client side for security reasons. I think we have to use the push policy settings for proxy connections.

sphughes
Level 1

Vincent -

Did you work anything out for this? We are in the same boat with the ASA and proxy.