1-9
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Clientless SSL VPN
Using SSL to Access Internal Servers
When configuring support for HTTP and HTTPS proxy services, you can assign preset credentials to
send with each request for basic authentication. You can also specify URLs to exclude from HTTP and
HTTPS requests.
Restrictions
You can specify a proxy autoconfiguration (PAC) file to download from an HTTP proxy server, however,
you may not use proxy authentication when specifying the PAC file.
Command Purpose
Step 1
webvpn
Switches to webvpn configuration mode.
Step 2
http-proxy and https-proxy
Configures the ASA to use an external proxy server
to handle HTTP and HTTPS requests.
Note Proxy NTLM authentication is not
supported in http-proxy. Only proxy
without authentication and basic
authentication are supported.
Step 3
http-proxy host [port] [exclude url] [username
username {password password}]
Step 4
https-proxy host [port] [exclude url] [username
username {password password}]
Step 5
http-proxy pac url
Step 6
(Optional)
exclude
Excludes URLs from those that can be sent to the
proxy server.
Step 7
host
Provides the hostname or IP address for the external
proxy server.
Step 8
pac
Proxy autoconfiguration file downloaded to the
ASA that uses a JavaScript function to identify a
proxy for each URL.
Step 9
(Optional, and only available if you specify a username)
password
Accompanies each proxy request with a password to
provide basic, proxy authentication.
Step 10
password
Sent to the proxy server with each HTTP or HTTPS
request.
Step 11
(Optional)
port
Provides the port number used by the proxy server.
The default HTTP port is 80. The default HTTPS
port is 443. The ASA uses each of these ports if you
do not specify an alternative value. The range is
1-65535.