74-29
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter74 Configuring Clientless SSL VPN
Encoding
The CSCO_WEBVPN_MACRO1 macro substitution with RADIUS is performed by VSA#223 (see
Table74-1).
A value such as www.cisco.com/email dynamically populates a bookmark on the Clientless SSL
VPN portal, such as https://CSCO_WEBVPN_MACRO1 or https://CSCO_WEBVPN_MACRO2
for the particular DAP or group policy.
CSCO_WEBVPN_MACRO2 —set with RADIUS-LDAP Vendor Specific Attribute (VSA). If you
are mapping from LDAP with an ldap-attribute-map command, use the
WebVPN-Macro-Substitution-Value2 Cisco attribute for this macro. See the Active Directory
ldap-attribute-mapping examples at
http://www.cisco.com/en/US/docs/security/asa/asa83/configuration/guide/ref_extserver.html#wp1572118.
The CSCO_WEBVPN_MACRO2 macro substitution with RADIUS is performed by VSA#224 (see
Table74-1).
Each time clientless SSL VPN recognizes one of these six strings in an end-user request (in the form of
a bookmark or Post Form), it replaces the string with the user-specified value and then passes the request
to a remote server.
If the lookup of the username and password fails on the ASA, an empty string is substituted, and the
behavior converts back as if no auto sign-in is available.
Encoding
This pane lets you view or specify the character encoding for clientless SSL VPN portal pages.
Character encoding, also called “character coding” and “a character set,” is the pairing of raw data (such
as 0s and 1s) with characters to represent the data. The language determines the character encoding
method to use. Some languages use a single method, while others do not. Usually, the geographic region
determines the default encoding method used by the browser, but the remote user can change it. The
browser can also detect the encoding specified on the page, and render the document accordingly.
The encoding attribute lets you specify the value of the character-encoding method used on the portal
page to ensure that the browser renders it properly, regardless of the region in which the user is using the
browser, and regardless of any changes made to the browser.
By default, the ASA applies the “Global Encoding Type” to pages from Common Internet File System
servers. The mapping of CIFS servers to their appropriate character encoding, globally with the “Global
Encoding Type” attribute, and individually with the file-encoding exceptions displayed in the table,
provides for the accurate handling and display of CIFS pages when the proper rendering of filenames or
directory paths, as well as pages, is an issue.
Detailed Steps
Step1 Global Encoding Type determines the character encoding that all clientless SSL VPN portal pages
inherit except for those from the CIFS servers listed in the table. You can type the string or choose one
of the options from the drop-down list, which contains the most common values, as follows:
Table74-1 VSA#223
WebVPN-Macro-Value1 Y 223 String Single Unbounded
WebVPN-Macro-Value2 Y 224 String Single Unbounded