Cisco Systems ASA 5510 Network Router User Manual


  Open as PDF
of 2086
 
69-36
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 69 General VPN Setup
ACL Manager
Bypass Proxy Server for Local Addresses—Configures Microsoft Internet Explorer browser
proxy local-bypass settings for a client PC. Click Yes to enable local bypass or No to disable
local bypass.
Exception List—Lists the server names and IP addresses that you want to exclude from proxy
server access. Enter the list of addresses that you do not want to have accessed through a proxy
server. This list corresponds to the Exceptions list in the Proxy Settings dialog box in Internet
Explorer.
PAC URL—Specifies the URL of the auto-configuration file. This file tells the browser where to
look for proxy information. To use the proxy auto-configuration (PAC) feature, the remote user must
use the Cisco AnyConnect VPN client.
Many network environments define HTTP proxies that connect a web browser to a particular
network resource. The HTTP traffic can reach the network resource only if the proxy is specified in
the browser and the client routes the HTTP traffic to the proxy. SSLVPN tunnels complicate the
definition of HTTP proxies because the proxy required when tunneled to an enterprise network can
differ from that required when connected to the Internet via a broadband connection or when on a
third-party network.
In addition, companies with large networks might need to configure more than one proxy server and
let users choose between them, based on transient conditions. By using .pac files, an administrator
can author a single script file that determines which of numerous proxies to use for all client
computers throughout the enterprise.
The following are some examples of how you might use a PAC file:
Choosing a proxy at random from a list for load balancing.
Rotating proxies by time of day or day of the week to accommodate a server maintenance
schedule.
Specifying a backup proxy server to use in case the primary proxy fails.
Specifying the nearest proxy for roaming users, based on the local subnet.
You can use a text editor to create a proxy auto-configuration (.pac) file for your browser. A .pac file
is a JavaScript file that contains logic that specifies one or more proxy servers to be used, depending
on the contents of the URL. Use the PAC URL field to specify the URL from which to retrieve the
.pac file. Then the browser uses the .pac file to determine the proxy settings.
Modes
The following table shows the modes in which this feature is available:
Add/Edit Standard Access List Rule
The Add/Edit Standard Access List Rule dialog box lets you create a new rule, or modify an existing
rule.
Fields
Action—Determines the action type of the new rule. Choose either Permit or Deny.
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
——