ISR Computing -

CCIE Security - How to create Cisco SSL VPN url-links from command-line

Recently I tried to configure SSL VPN links on Cisco ASA, but was unsuccessful. For some reason Cisco does not allow to paste URLs directly into the configuration file. Now Cisco wants us to use LISP.

So be it!!!

In our example we will create 2 links for R1 and R2 using "import webvpn url-list command". Most of the examples on the Internet concentrate on transferring LISP file through FTP, but I want it to be pasted in.

540 - is the number of characters in the LISP input. If you don't know exact number you can make it 20 or 30 characters more. Once you pasted your LISP code, start pressing "spacebar" and you will get successfully imported URLs.

ASA1(config)# import webvpn url-list SSLVPN_LIST stdin 540
<paste your LISP code here...>
%INFO: URL list 'SSLVPN_LIST' was successfully imported
ASA1(config)#

Code to paste:

<url-list>
<bookmark>
<title><![CDATA[R1]]></title>
<method><![CDATA[get]]></method>
<favorite><![CDATA[yes]]></favorite>
<url><![CDATA[http://1.1.1.1]]></url>
<subtitle><![CDATA[]]></subtitle>
<thumbnail><![CDATA[]]></thumbnail>
</bookmark>
<bookmark>
<title><![CDATA[R2]]></title>
<method><![CDATA[get]]></method>
<favorite><![CDATA[yes]]></favorite>
<url><![CDATA[http://2.2.2.2]]></url>
<subtitle><![CDATA[]]></subtitle>
<thumbnail><![CDATA[]]></thumbnail>
</bookmark>
</url-list>

Good luck with your CCIE Security studies!

Paul Greenberg, 2010