SSL VPN !

Answered Question
Mar 22nd, 2007
User Badges:

Hi!

I am not really expert on troubleshooting of VPN connections. There is a question related with SSl VPN.


I have recently configured SSL VPN to our partner to get him accessed to internal WEB resources. I did it. Seems to be fine. But they are complaining about that can't keep the LAN and VPN connection simultaneously at their side. Is it normal for SSL VPN? Or?


thanks

Correct Answer by h.parsons about 10 years 3 months ago

Under your group policy put the command: vpn-simultaneous-logins <0-2147483647> Maximum number of simultaneous logins allowed

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
kaachary Thu, 03/22/2007 - 16:24
User Badges:
  • Cisco Employee,

You might not have configured split tunnel. You need to configure split tunnel in the group on the headend device ( CVPN concentrator or ASA )



*Please rate if it helps.


-Kanishka


Leo_Stobbe Thu, 03/22/2007 - 22:34
User Badges:

I didn't get you...

Why do i need split-tunneling?

This is as i know for getting remote access vpn clinets to Internet through VPN-endpoint.


I tested myself

When i try to establish SSL VPN through the dial-up internet...I can connect and see the web servers, which is allowed through WEB VPN. But i can't go anywhere else in Internet.So i mean i want to use my dial-up internet simultaneously with ssl vpn.(not the corporate internet, through split-tunneling)


How can i do that?

kaachary Fri, 03/23/2007 - 03:04
User Badges:
  • Cisco Employee,

That is not correct. Enabling Split tunnel means, only specific trafic will be tunneled, rest all other traffic(normal Internet traffic) will go through the client's ISP (in clear text).


Split tunneling is exactly opposite of what you are thinking it is to be.


To read more about split tunnel :


http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_example09186a00806f34fa.shtml


The doc is however for ipsec clients, but same applies to SSL clients as well.


*Please rate if helped.


-Kanishka

Leo_Stobbe Fri, 03/23/2007 - 04:31
User Badges:

Thanks, for information regarding the tunnel.


But if i create one username for WEB/SSL VPN,

is it possible that several users can use simultaneously this account? If not, how to do that?



kaachary Fri, 03/23/2007 - 05:07
User Badges:
  • Cisco Employee,

On concentrator , Go to


Configuration-->Use Management--->Users-->Modify--->General


"Simultaneous Logins" option defines, how many simultaneous session can occur for this username.


*Please rate if helped.


-Kanishka

Correct Answer
h.parsons Fri, 03/23/2007 - 13:05
User Badges:

Under your group policy put the command: vpn-simultaneous-logins <0-2147483647> Maximum number of simultaneous logins allowed

balbaletabrez Sun, 02/14/2010 - 02:56
User Badges:

Hi can you share the SSL VPN configuration on ASA 5520.


As i intend to configure ASA 5520 for SSL.


Thanks

Tabrez

Actions

This Discussion