SSL VPN ASA5520

Unanswered Question
Apr 3rd, 2008

Have one application in public webserver, accessed from internet and this application function fine. Access the same applicatin from ssl vpn and the application crash, dont function. What i to do or verifided ?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
josribei Thu, 04/03/2008 - 12:24

Hi Vinicius,

Could you please detail your question?

What application are you talking about?

What is the ASA sw version?

Have you tried disabling cache and compression feature within webvpn config?

Is that issue related with the format of the site?

Is that application using some specific port?

Are you using porforward?

Vinicius Cangussu Thu, 04/03/2008 - 14:01

Could you please detail your question?

Have one object in my public webserver. This object is a ajax based(MsXML2.XMLHTTP) and work very well. When access the same object in clientless ssl vpn, the server this ssl vpn is ASA5520, the response of ajax is to lazy or wrong, see in javascript code the ssl vpn put in the source code one the string, -CSCO-30-.

What application are you talking about?

Ajax based(MsXML2.XMLHTTP) and JavaScript App

What is the ASA sw version?

ASA5520 IOS 8.0(3)

Have you tried disabling cache and compression feature within webvpn config?

Yes, but don't solve the problem.

Is that issue related with the format of the site?

Yes. Some element is changed, images and scripts, when ssl vpn for exemple insert the caracter, CSCO-30-.

Is that application using some specific port?

No. The port is default.

Are you using porforward?

No.

Vinicius Cangussu Thu, 04/03/2008 - 14:01

This is a source code the app:

///HTML File

function ChamaAJAX()

{

document.getElementById("txtRequest").value = w2.PegaHora();

}

CSCO_seppuku();CSCO_WebVPN["flush"]();

top.noUrlEntry=true; CSCO_seppuku();CSCO_seppuku();if(!window.onresize || 'undefined' == typeof(window.onresize.nTop)){var csco_tb='if(!document.body) {window.csco_setTimeout(csco_tb, 100);}else{window.csco_setTimeout(CSCO_ITB_show,500);var csco_bodyonresize = document.body.onresize; document.body.onresize = function (){if(csco_bodyonresize){csco_bodyonresize();};CSCO_ITB_resize();}; var csco_selfonresize=self.onresize; self.onresize = function (){if(csco_selfonresize){csco_selfonresize();};CSCO_ITB_resize();};var csco_bodyonscroll=document.body.onscroll;document.body.onscroll = function (){if(csco_bodyonscroll){csco_bodyonscroll();};CSCO_ITB_resize();};var csco_selfonscroll=self.onscroll;self.onscroll = function (){if(csco_selfonscroll){csco_selfonscroll();};CSCO_ITB_resize();};};'; eval(csco_tb);CSCO_seppuku();}

///Java Script File

CSCO_seppuku();$CSCO_cookie_ver=CSCO_WebVPN['get_cookie_version'](); if($CSCO_cookie_ver.length>0){document.write('');}

CSCO_seppuku();sessionCheck('/+CSCOE+/ping.html'); setInterval("sessionCheck('/+CSCOE+/ping.html')",60000);setInterval("sessionCookieCheck()",5000)// AJAX Class Script v1.0.3015.23364

function cw2(){this.ClassName = "AjaxTest.w2, AjaxTest, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null";this.PegaHora = function(CallBack){var objAJAX = new cAJAX();var objXmlUtil = new cXmlUtil("PegaHora", this.ClassName);

if (typeof(CallBack) == "function")

{

objAJAX.SendData("w2.aspx",objXmlUtil.ReturnXML(), CallBack);

}

else

{

return objAJAX.SendData("w2.aspx",objXmlUtil.ReturnXML(), CallBack);

}

}

}

var w2 = new cw2();top.noUrlEntry=true; CSCO_seppuku();CSCO_seppuku();if(!window.onresize || 'undefined' == typeof(window.onresize.nTop)){var csco_tb='if(!document.body) {window.csco_setTimeout(csco_tb, 100);}else{window.csco_setTimeout(CSCO_ITB_show,500);var csco_bodyonresize = document.body.onresize; document.body.onresize = function (){if(csco_bodyonresize){csco_bodyonresize();};CSCO_ITB_resize();}; var csco_selfonresize=self.onresize; self.onresize = function (){if(csco_selfonresize){csco_selfonresize();};CSCO_ITB_resize();};var csco_bodyonscroll=document.body.onscroll;document.body.onscroll = function (){if(csco_bodyonscroll){csco_bodyonscroll();};CSCO_ITB_resize();};var csco_selfonscroll=self.onscroll;self.onscroll = function (){if(csco_selfonscroll){csco_selfonscroll();};CSCO_ITB_resize();};};'; eval(csco_tb);CSCO_seppuku();}

eberle.patrik Mon, 10/13/2008 - 01:00

Are the Ajax path fixed on this Patch?

The Problem in my situation is:

IE7:

The WebApplication(Ajax Scripts)freezes after 30-60s and must be reinitialated(Only when the Application Idle). Sounds like a Timeout Problem. Same Problem in 8.0(3) and 8.0(4)

Additionaly when the new Firmware is activ i'm not able to create a PDF with the Script.

Mozilla Firefox:

The timeoutproblem isn't exist, but the Webapplication isn't employed for this Browser. About this Reason the Application doesn't work very well.

Any Idea's ?

Hmmm that sounds like a timeout issue indeed. It might be an issue with the ASA, but could it could also exist within your application/browser. I don't think this is the same issue as the above thread. Have you looked into the known bugs/caveats yet? If your problem is not listed, I suggest creating a TAC. They might be able to help you pinpoint the problem. Application <> browser <> ASA.

eberle.patrik Thu, 10/16/2008 - 07:11

Now we have another experience with this Problem.

We have the spezified browser IE7( Are standart browser and change is not possible)

- It give a timeout

- The HTML request also Works after this timeout

- Only what not works is the Ajax-script

- the timeout is nearly 30 seconds.

- when it give a "keepalive" from Webserver it works also.

With the Browser Mozilla Firefox doesn't exist. Problem is the Ajax-Application doesn't support this Browser

Actions

This Discussion