Capturing Data
Changing a Group Policy or User Attributes to Use the Customization Object
Now that you have created the customization object, you need to activate your changes for specific
groups or users. Step 7 shows how to enable the customization object in a group policy:
Step 7
Enter the group policy webvpn configuration mode for a group policy and enable the customization
object using the customization command. The following example shows the customization object sales
enabled in the group policy sales:
hostname(config)# group-policy sales attributes
hostname(config-group-policy)# webvpn
hostname(config-group-webvpn)# customization value sales
Capturing Data
The CLI capture command lets you log information about websites that do not display properly over a
clientless SSL VPN session. This data can help your Cisco customer support engineer troubleshoot
problems. The following sections describe how to capture and view clientless SSL VPN session data:
•
•
Enabling clientless SSL VPN capture affects the performance of the security appliance. Be sure to
Note
disable the capture after you generate the capture files needed for troubleshooting.
Creating a Capture File
Perform the following steps to capture data about a clientless SSL VPN session to a file.
Step 1
To start the capture utility for clientless SSL VPN, use the capture command from privileged EXEC
mode.
capture capture_name type webvpn user webvpn_username
where:
•
•
The capture utility starts.
A user logs in to begin a clientless SSL VPN session. The capture utility is capturing packets.
Step 2
Stop the capture by using the no version of the command.
no capture capture_name
The capture utility creates a capture_name.zip file, which is encrypted with the password koleso.
Send the .zip file to Cisco Systems, or attach it to a Cisco TAC service request.
Step 3
Step 4
To look at the contents of the .zip file, unzip it using the password koleso.
Cisco Security Appliance Command Line Configuration Guide
37-78
Creating a Capture File
Using a Browser to Display Capture Data
capture_name is a name you assign to the capture, which is also prepended to the name of the
capture files.
webvpn_user is the username to match for capture.
Chapter 37
Configuring Clientless SSL VPN
OL-12172-03