67-58
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter67 Configuring Connection Profiles, Group Policies, and Users
Group Policies
The following example shows how to configure auto-detect as the browser proxy setting for the group
policy named FirstGroup:
hostname(config)# group-policy FirstGroup attributes
hostname(config-group-policy)# msie-proxy method auto-detect
hostname(config-group-policy)#
The following example configures the proxy setting for the group policy named FirstGroup to use the
server QAserver, port 1001 as the server for the client device:
hostname(config)# group-policy FirstGroup attributes
hostname(config-group-policy)# msie-proxy server QAserver:port 1001
hostname(config-group-policy)# msie-proxy method use-server
hostname(config-group-policy)#
Step3 Configure browser proxy exception list settings for a local bypass on the client device by entering the
msie-proxy except-list command in group-policy configuration mode. These addresses are not accessed
by a proxy server. This list corresponds to the Exceptions box in the Proxy Settings dialog box.
hostname(config-group-policy)# msie-proxy except-list {value server[:port] | none}
hostname(config-group-policy)#
To remove the attribute from the configuration, use the no form of the command.
hostname(config-group-policy)# no msie-proxy except-list
hostname(config-group-policy)#
value server:port—Specifies the IP address or name of an MSIE server and port that is applied for
this client device. The port number is optional.
none—Indicates that there is no IP address/hostname or port and prevents inheriting an exception
list.
By default, msie-proxy except-list is disabled.
The line containing the proxy server IP address or hostname and the port number must be less than 100
characters long.
The following example shows how to set a browser proxy exception list, consisting of the server at IP
address 192.168.20.1, using port 880, for the group policy named FirstGroup:
hostname(config)# group-policy FirstGroup attributes
hostname(config-group-policy)# msie-proxy except-list value 192.168.20.1:880
hostname(config-group-policy)#
Step4 Enable or disable browser proxy local-bypass settings for a client device by entering the msie-proxy
local-bypass command in group-policy configuration mode.
hostname(config-group-policy)# msie-proxy local-bypass {enable | disable}
hostname(config-group-policy)#
To remove the attribute from the configuration, use the no form of the command.
hostname(config-group-policy)# no msie-proxy local-bypass {enable | disable}
hostname(config-group-policy)#
By default, msie-proxy local-bypass is disabled.
The following example shows how to enable browser proxy local-bypass for the group policy named
FirstGroup:
hostname(config)# group-policy FirstGroup attributes
hostname(config-group-policy)# msie-proxy local-bypass enable
hostname(config-group-policy)#