Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Proxy Bypass ASA 5550

I would like to get some more information on how the Proxy Bypass works.  I have an internal site that the users need to get to and needs to bypass the proxy to work correctly.  I found some documentation but it is some what sparse.  The site URL looks like this http://server1/welcome1.asp It is my understanding that proxy bypass uses path mask with a wild* card but there is now mask in the url link above.  Is there no way I can get this site to bypass the proxy using this command.  Below is the documentation I found on the command.

Usage Guidelines

Use proxy bypass for applications and web resources that work better with minimum content rewriting. The proxy-bypass command determines how to treat specific web applications that travel through the security appliance.

You can use this command multiple times. The order in which you configure entries is unimportant. The interface and path mask or interface and port uniquely identify a proxy bypass rule.

If you configure proxy bypass using ports rather than path masks, depending on your network configuration, you might need to change your firewall configuration to allow these ports access to the security appliance. Use path masks to avoid this restriction. Be aware, however, that path masks can change, so you might need to use multiple pathmask statements to exhaust the possibilities.

A path is everything in a URL after the .com or .org or other types of domain name. For example, in the URL,hrbenefits is the path. Similarly, for the URL, hrinsurance is the path. If you want to use proxy bypass for all hr sites, you can avoid using the command multiple times by using the * wildcard as follows: /hr*.

Everyone's tags (2)
New Member

Re: Proxy Bypass ASA 5550

Sorry to resurrect this old thread but I'm interested in the proxy bypass feature, yet I can't seem to make it work.

We have a custom web application which is full of javascript, and we're trying to access it via the webportal but this application does not load (white page).

the link is and SUBIF-ISP2 is the public interface facing the internet. This is the rule:

proxy-bypass interface SUBIF-ISP2 path-mask oursubdirectory target rewrite none

But this does not change the result. I tried multiple combinations adding the xml and hostname rewrite or changing the interface but nothing, the page is the same like if this rule was not applied.

Any suggestions?