Webtype ACLs can be used to filter clientless SSL VPN traffic. These ACLs can deny access based upon URLs and destination addresses, and URL-based ACLs or TCP-based ACLs are the two types of web-type ACLs.
* URLs with the format -protocol://ip-address/path are allowed or denied using the URL-based ACLs; these ACLs are for filtering based on clientless features.
* To allow/deny port and ip address, TCP-based ACLs are used.