Thanks. I was able to do it like that some days ago. Here is what I did:
First you need to export to the screen the url-list template that is on the
ASA by doing the command:
export webvpn url-list template stdout
You will get the url-list template on the screen.
So I decided to edit it and just used the output shown below.
After editing the template I typed the command:
import webvpn url-list CISCO2 stdin 400
Then highligted and copied the following text:
<?xml version="1.0" encoding="UTF-8" ?>
<url-list>
<title l10n="yes">URL list template</title>
<favorite>yes</favorite>
<bookmark>
<title l10n="yes">GOOGLE</title>
<method>get</method>
<favorite>yes</favorite>
<url>http://www.google.com</url>
<subtitle l10n="yes" />
<thumbnail l10n="yes" />
<smart-tunnel />
<window>current|new</window>
</bookmark>
</url-list>
After copying the text I did a right click on the SSH screen to paste it.
(you will not see anything on the screen meaning that the text got pasted)
Then just press and hold space bar until you get the following response:
%INFO: URL list 'CISCO2' was successfully imported
I had to copy the text just like I am showing you without any spaces in
front of the "<" caracter. I am not sure why this doesn't work leaving
spaces just like the template shows.
The other solution is to use a TFTP server and import the edited .xml file
and call in on the ASA.
When you succesfully import the file you can view it using the command:
show import webvpn url-list
group-policy WEBVPN internal
group-policy WEBVPN attributes
vpn-tunnel-protocol webvpn
webvpn
url-list value CISCO2
Here is the complete configuration:
webvpn
enable outside
group-policy WEBVPN internal
group-policy WEBVPN attributes
vpn-tunnel-protocol webvpn
webvpn
url-list value CISCO1
username admin password eY/fQXw7Ure8Qrz7 encrypted privilege 15
tunnel-group WEBVPN type remote-access
tunnel-group WEBVPN general-attributes
default-group-policy WEBVPN
I hope this helps.
On Tue, Jun 8, 2010 at 7:24 AM, eseosa <eseosa.ehiwe_at_gmail.com> wrote:
> As a side note,
>
> Another way of doing url-lists without TFTP is exporting and importing
> the xml files to and from the terminal.
>
> Note : I cant seem to find the exact usage of the commands in cisco
> command reference .
>
> export webvpn url-list Template stdout
>
> import webvpn url-list <name> stdin <no of chars>
>
> see the following link for more info
>
>
> http://www.isrcomputing.com/knowledge-base/46-ccie-security-pursuit/172-how-to-create-cisco-ssl-vpn-url-links-from-command-line
>
>
>
> On 5/31/10, Eugene Varnavsky <eugvar_at_yandex.ru> wrote:
> > Hi,
> > TFTP-server (3COM) is available and you can use it.
> > But there is realy no need for it in ASA tasks .
> > As for IOS IPS to load files it's better to ask your proctor. All the
> files
> > are already on the flash.
> >
>
>
> --
> Warm Regards,
>
> Eseosa
> CCIE #23782
> Before God we are all equally wise - and equally foolish.
> Albert Einstein
Blogs and organic groups at http://www.ccie.net
Received on Tue Jun 08 2010 - 07:34:38 ART
This archive was generated by hypermail 2.2.0 : Sun Aug 01 2010 - 09:11:37 ART