30-70
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 30 Managing Remote Access VPNs on ASA and PIX 7.0+ Devices
Customizing Clientless SSL VPN Portals
Creating Policy Objects, page 6-9
Add and Edit SSL VPN Customization Dialog Boxes, page 33-37
Creating Your Own SSL VPN Logon Page for ASA Devices
You can create your own custom SSL VPN Logon page rather than use the page provided by the security
appliance for browser-based clientless SSL VPNs. This is called full customization, and replaces the
settings you can configure in the SSL VPN Customization policy object.
To provide your own Logon page, you must create the page, copy it to the Security Manager server, and
identify the page on the Full Customization page of the SSL VPN Customization object dialog box. For
information on creating SSL VPN Customization objects, see Configuring ASA Portal Appearance
Using SSL VPN Customization Objects, page 30-66.
When you enable full customization, all other settings for the Logon page configured in the policy object
are ignored. When you deploy your configuration to the ASA device, Security Manager copies your
custom page to the device.
The Logon page you create must include all of the HTML code required to present the page correctly,
and include special Cisco HTML code that provides the functions for the login form and the Language
Selector drop-down list. Keep the following in mind when you create the HTML file:
The file extension must be .inc.
All images in the custom Logon page must be present on the security appliance. Replace the file
path with the keyword /+CSCOU+/, which is an internal directory on the ASA device. When you
upload an image to the device, it is saved in this directory.
Use the csco_ShowLoginForm(’lform’) Javascript function to add the login form to the page. This
form prompts for the username, passwords, and group information. You must include this function
somewhere on the page.
Use the csco_ShowLanguageSelector(’selector’) Javascript function to add the Language Selector
drop-down list to the page. You do not have to use this function if you are not supporting the use of
more than one language.
Related Topics
Configuring ASA Portal Appearance Using SSL VPN Customization Objects, page30-66
Add and Edit SSL VPN Customization Dialog Boxes, page 33-37
SSL VPN Customization Dialog Box—Full Customization, page 33-45
Configuring SSL VPN Bookmark Lists for ASA and IOS Devices
When you configure a browser-based clientless SSL VPN, you can define a list of bookmarks, or URLS,
to include on the SSL VPN portal page. Use SSL VPN bookmarks policy objects to define bookmark
lists.
You can create SSL VPN bookmark objects for SSL VPNs hosted on IOS devices or ASA devices.
However, these device types allow different bookmark configurations, the ASA device allowing more
configuration options than IOS devices. Besides allowing more configuration options, you can also
create bookmarks for ASA devices in non-English, non-ASCII languages. For more information on
localizing the bookmarks and portal for ASA devices, see Localizing SSL VPN Web Pages for ASA
Devices, page 30-68.