How to use the Proxy Bypass on an ASA 5510

Nicola Volpini · ‎10-26-2012

Hi

We have a custom web application which is heavily relying on javascript. We're trying to access it via the webportal but this application does not load correctly (it barely shows a white page).

the link is https://our.domain.com/oursubdirectory and SUBIF-ISP2 is the public interface facing the internet. This is the rule as displayed by the CLI:

proxy-bypass interface SUBIF-ISP2 path-mask oursubdirectory target https://our.domain.com/ rewrite none

Despite having this command in place, nothing changes. I tried multiple combinations adding the xml and hostname rewrite or changing the interface but nothing, the page is the same like if this rule was not applied.

Any suggestions?

Thanks!

Marcin Latosiewicz · ‎10-26-2012

Nicola,

Quite frankly, instead of using proxy bypass you should be trying with smart tunnel.

Rgerading usage:

http://www.cisco.com/en/US/docs/security/asa/asa84/command/reference/p.html#wp2205338

If you have problems with a page - please check that you have latest revision of ASA software avilable, if you do open up a TAC case.

M.

Nicola Volpini · ‎10-29-2012

Hi Marcin,

I read the guide before posting since I couldn't come to a satisfactory solution.

Smart tunnel is not a feasible solution since it's not cross platform (I need linux support) and it requires some client-side installation. I can solely rely on the Content Rewriter.

Thanks.

Marcin Latosiewicz · ‎10-29-2012

Then it might be a better idea to open up a TAC case.

Content rewriter cases tend to drag a bit.

If you can obtain HTTPwatch capture for working and non-working scenario, webvpn capture and ... recording showing the failure from user's perspective it would be a good starting point.

Nicola Volpini · ‎10-29-2012

Thanks Marcin, I'll get in contact with TAC.
Regards