WebVPN - SSL Portal - URL Rewrite

Unanswered Question
Apr 12th, 2012

Hi,

I'm currently using WebVPN portal to access an internal web application. As I understood the router/firewall make a rewrite of each url by adding following information /PORT/IP_ADDRESS/resource. For example if I access (internally) http://192.168.1.100:81/index.html, from outside (via ssl portal) this will become https://vpn.mydomain.com/81/192.168.1.100/index.html

Now I have the following problem: the web application we are reaching have in allmost AJAX request the root (/) url as base point to do the GET request, this means that if for example the application try to load /images/test.gif it results in giving me the following WRONG get rewrite: https://vpn.mydomain.com/images/test.gif instead of the expected (right) URL https://vpn.mydomain.com/81/192.168.1.100/images/test.gif, this results that the webapplication is not usable from the portal. (the example above with the image is only to explain the problem, most problem happens on doing ajax request with the root url as base for GET request)

How may I overcome this problem?

The only solution I see is:

  • Manually change source code of the application (> 100k line of code, javascript is minimized) = not applicable
  • Using a URL rewrite somewhere (i.e. proxy?!) but I will still have some problem with https (certificate) and probably wont work



Thank you so much

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 0 (0 ratings)
vabruno Sun, 04/15/2012 - 16:32

don't think there is a solution for this because the ASA can't rewrite the URL unless the page is refreshed and that is not the case with Ajax application, you may want to try and use smart tunnels for that specific application

Sent from Cisco Technical Support iPad App

gabriel.barrios Thu, 10/10/2013 - 13:21

Have you try to do a Proxy Bypass at the ASA?

You will find it at:

Configuration----RemoteAccessVPN---Clientless---Advanced---ProxyBypass

You may use wildcard for your internal website.

Hope it helps

Gabriel

Actions

Login or Register to take actions

This Discussion

Posted April 12, 2012 at 7:53 AM
Stats:
Replies:2 Avg. Rating:
Views:1301 Votes:0
Shares:0
Categories: AnyConnect, ASA
+

Related Content

Discussions Leaderboard