Re: Web VPN URL-List on ASA (8.0)

Tomi,

Yes, I get this feeling that it would be easier with from the ASDM
interface. But I also think if its available from the ASDM, then it should
be also configurable via the CLI. I will give the ASDM a go, and see what
config that generates on the CLI config.

Farouq,

I am referring to url-lists (webvpn bookmarks). I am suspecting my browser
to be shagged. I will install FF, see if that works.

Waldir,

As pointed out by Tomi, that command seems to be depricated on the 8.x code
it seems. See below for a log message generated when I try to do that. I
have read about an option to import the list using xml, could it be that
they have restricted this feature to the import method then?

Thanks a mil guys for taking out time to look at the this!

Sadiq

VPN(config)# group-policy WEBVPN attributes
VPN(config-group-policy)# vpn-tunnel-protocol webvpn
VPN(config-group-policy)# webvpn
VPN(config-group-webvpn)# url-list ?

config-group-webvpn mode commands/options:
  none Specify an empty list of WebVPN servers/URLs
  value Specify a list of WebVPN servers/URLs
VPN(config-group-webvpn)# url-list value WEB_URL_LIST
ERROR: No url-list "WEB_URL_LIST" exists.

On Wed, May 13, 2009 at 2:12 PM, Tomi Amao <tomiground_at_hotmail.com> wrote:

> Hi Walid,
>
> Yea this would work. But from ASA version 8.1 the url-list command has
> been deprecated. So personally i feel learning how to go about it with the
> ASDM would be a good choice.
>
> Regards,
> Tomi
>
>
>
>
> ------------------------------
> Date: Wed, 13 May 2009 08:08:02 -0500
> Subject: Re: Web VPN URL-List on ASA (8.0)
> From: wmontoya_at_divixsa.com
> To: tomiground_at_hotmail.com
> CC: sadiqtanko_at_gmail.com; ccielab_at_groupstudy.com
>
>
> Under the group policy, then under webvpn you can tye url-list value "name"
>
> group-policy test attributes
> vpn-access-hours none
> vpn-simultaneous-logins 700
> vpn-tunnel-protocol webvpn
> webvpn
> url-list value test
>
>
> The smart-tunnel is something they came with to solve some issues about web
> applications through the webvpn.
>
>
> 2009/5/13 Tomi Amao <tomiground_at_hotmail.com>
>
> Hi Sadiq,
>
>
>
> Well url-list no longer works like it used to in previous ASA versions. Now
> u'd be better off configuring it from the ASDM. Enable ASDM on your ASA and
> under remote-access i believe, configure your bookmarks and attach to your
> group-policy that would get your url-list up. Also some advanced
> customization
> techniques can be applied from the ASDM to provide a better look-and-feel.
>
>
> Regards,
>
> Tomi
>
>
>
>
> > Date: Wed, 13 May 2009 12:43:00 +0100
> > Subject: Web VPN URL-List on ASA (8.0)
> > From: sadiqtanko_at_gmail.com
> > To: security_at_groupstudy.com; ccielab_at_groupstudy.com
> >
> > I have been trying to get URL-Listing on 8.0 code and having a tough time
> > doing this. Also. when portforwarding is envoked on the PC, the page just
> > hangs and nothing appears in the dialog box that launches on the
> webbrowser
> > (after the I successfully log into the WebVPN page), although ASA says
> the
> > vpn-session is established and connected. See sample config for 8.0
> below:
> >
> > username WEBUSER password oW41BWsG68c8N2FO encrypted
> >
> > webvpn
> > enable Public
> > port-forward PORTFORWARD 2023 191.1.118.10 telnet
> > tunnel-group-list enable
> >
> > group-policy WEBVPN internal
> > group-policy WEBVPN attributes
> > vpn-tunnel-protocol webvpn
> > webvpn
> > port-forward name PORTFORWARD
> > port-forward auto-start PORTFORWARD
> > url-entry enable
> >
> > tunnel-group WEBVPN type remote-access
> > tunnel-group WEBVPN general-attributes
> > default-group-policy WEBVPN
> > tunnel-group WEBVPN webvpn-attributes
> > group-alias WEB enable
> >
> >
> > Anyone knows if URL_List is even supported? They seem to be talking about
> > some "Smart tunnels" feature. Is this like a replacement for the
> URL-List?
> I
> > simply just dont see any information related to url-list on the config
> guide
> > for 8.0
> >
> > Thanks as usual guys,
> > Sadiq
> >
> > --
> > CCIE #19963
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> >
> >
> >
> >
> >
>
> _________________________________________________________________
> Drag n drop Get easy photo sharing with Windows Live Photos.
>
> http://www.microsoft.com/windows/windowslive/products/photos.aspx
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>
>
> ------------------------------
> Invite your mail contacts to join your friends list with Windows Live
> Spaces. It's easy! Try it!<http://spaces.live.com/spacesapi.aspx?wx_action=create&wx_url=/friends.aspx&mkt=en-us>
>

-- 
CCIE #19963
Blogs and organic groups at http://www.ccie.net