ASA Dynamic Access Policies

Unanswered Question
Apr 21st, 2009


We are using an ASA 5510 and remote access (SSL VPN) using the AnyConnect client.

Is it possible to display a user message when a user connects using the AnyConnect client, matching a specific dynamic access policy? Can the message be displayed when the action is "Continue" rather than "Terminate"? I can't seem to get this to work and wondered if there was a LUA function to do this.

We have a DAP which gives a restricted ACL when the user's anti-virus is out of date, and I wanted to notify the user to update their anti-virus and reconnect.

Many thanks, Richard

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
carenas123 Mon, 04/27/2009 - 10:56

In "Access policy attributes" window there is an option called "User message" were you can bale to enter your message.

User Message-Enter a text message to display on the portal page when this DAP record is selected. Maximum 128 characters. A user message displays as a yellow orb. When a user logs on, it blinks three times to attract attention, and then it is still. If several DAP records are selected, and each of them has a user message, all of the user messages display. Additionally, you can include in such messages URLs or other embedded text, which require that you use the correct HTML tags.

richardlock Mon, 04/27/2009 - 23:09

Hi Carenas123,

Thanks for the reply. I have got some text in this "User Message" box, but it doesn't seem to display it. Does it only display when the action is terminate, or does it only show in the Clientless SSL VPN Portal and not when using the AnyConnect Client?

Thanks, Richard

bravotom99 Sat, 04/16/2011 - 08:01

I don't think the custom message displays unless it is set to Terminate.  You can try using the Banner though which displays once a connection is made.


This Discussion