ASA WebVPN: homepage smarttunnel

Unanswered Question
May 19th, 2009
User Badges:

Anyone know how to enable smarttunnel for a group-policy homepage url, so that the entire traffic for that tunnel-group is smarttunneled, had some http applications that wont run otherwise.

this is where in the ASA it is setup

Edit the group-policy --> More options --> Customization --> Homepage URL

that is the one i wish to be able to enable smarttunneling on.


Lars Christian Andersen

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
ivillegas Mon, 05/25/2009 - 14:28
User Badges:
  • Silver, 250 points or more

If a group policy specifies a smart tunnel list and the security appliance assigns the policy to a clientless session, the applications specified in the list become available to the session. Therefore, to complete the configuration of the smart tunnel feature, you must assign a smart tunnel list to any group policies to be applied to the users for whom you want to provide smart tunnel access

Todd Pula Tue, 06/02/2009 - 08:15
User Badges:
  • Silver, 250 points or more

For now, the only way this can be achieved is by following the steps below. The only caveat with this solution is that there is no clean way to close the smart tunnel relay once it is started because the navigation toolbar will not display. You will need to manually go to the logout page in order to logout and terminate the smart tunnel relay.

1. ASA image: 8.0.3(2) or later.

2. Write a simple html page with the following and upload it as web content (html), replace sample URL with yours:


3. Create a customization object with a customized pane to load the html content that you created in step 2. The URL for the html pane would be the webcontent you loaded earlier, such as: /+CSCOE+/cisco.htm

4. In the group policy, auto start Smart Tunnels using any random string in the ST list

5. To log out, try going to https:///+webvpn+/webvpn_logout.html


This Discussion