Cisco ASA Series Cli Configuration Manual page 1888

Optimizing Clientless SSL VPN Performance
Detailed Steps
Command
Step 1
webvpn
Example:
hostname(config)# webvpn
Step 2
portal-access-rule priority [{permit | deny [code
code]} {any | user-agent match string}
Example:
hostname(config-webvpn)# portal-access-rule 1 deny code
403 user-agent match *Thunderbird*
hostname(config-webvpn)# portal-access-rule 1 deny code
403 user-agent match "*my agent*"
Optimizing Clientless SSL VPN Performance
The ASA provides several ways to optimize clientless SSL VPN performance and functionality.
Performance improvements include caching and compressing web objects. Functionality tuning includes
setting limits on content transformation and proxy-bypass. APCF provides an additional method of
tuning content transformation. The following sections explain these features:
•
•
Configuring Caching
Caching enhances clientless SSL VPN performance. It stores frequently reused objects in the system
cache, which reduces the need to perform repeated rewriting and compressing of content. It reduces
traffic between clientless SSL VPN and the remote servers, with the result that many applications run
much more efficiently.
By default, caching is enabled. You can customize the way caching works for your environment by using
the caching commands in cache mode.
Cisco ASA Series CLI Configuration Guide
1-80
Configuring Caching
Configuring Content Transformation
Chapter 1 Configuring Clientless SSL VPN
Purpose
Enter webvpn configuration mode.
Permit or deny the creation of a SSL VPN session
based on an HTTP header code or a string in the
HTTP header.
The second example shows the proper syntax for
specifying a string with a space. Surround the
string with wildcards (*) and then quotes (" ").