SSL VPN on Cisco VPN Conncentrator

wasiimcisco · ‎08-25-2008

I m not able to configure the SSL VPN on cisco vpn concentrator with verion 4.x. I am not able to access the vpn concentrator via public interface. dont know what i m missing. I have enable the http/https access on public interface but still not able to do this. I even regenerate the certificate but still the problem is there.

Pleaes help me out.

Farrukh Haroon · ‎08-25-2008

How are you accessing the management interface?

http://ip/admin ?

REgards

Farrukh

wasiimcisco · ‎08-25-2008

i m accessing it with public IP configured on concentrator

I have tried with

https://pub ip

https://pub ip/admin

http://pub ip

but nothing is working, so many time enable and disable the interface, generate the certificate but no luck

Farrukh Haroon · ‎08-25-2008

Is the SSL VPN page working? (Not the admin page)?

Have you checked the filters on the public interface? (even tough in newer versions you don't need to change this). Which version are you running?

Regards

Farrukh

wasiimcisco · ‎08-25-2008

i regenerate the certificate and it is working fine on few machines, but still few users are unable to access, even my laptop is unable to access it, the users are that able to access the webvpn page, are unable to login, even i try with admin username/password but no luck.

I have concentrator for external AAA server, IPSEC remote access vpn is working fine. User are able to authenticate via everthing is working fine but via webvpn same AAA users not able to authenicate.

Group configured and webvpn is also configured

I want same AAA users to able to connect via SSL VPN. any help

Farrukh Haroon · ‎08-25-2008

What is your actual question? You started with HTTP/HTTPs not working...now this AAA issue? Or HTTP has started working now and you are working on the AAA issue???

Regards

Farrukh

wasiimcisco · ‎08-26-2008

Sorry i mix two different questions in one. I regenerate the certificate and problem fix. but still few users are not able to accesss HTTP/HTTPS.

but the users that are able to access webvpn page is not able to login with their user/password configured in External AAA serer.

These same users are able to connect via ISPEC remote access vpn via same username and password. but SSL vpn is not working for them.

Farrukh Haroon · ‎08-26-2008

Are you using the same group for both IPSEC and SSL.

Regards

Farrukh

wasiimcisco · ‎08-26-2008

yes i m using the same group for both.

Farrukh Haroon · ‎08-26-2008

Ok have a look at this:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_example09186a008055641a.shtml#webfail

Regards

Farrukh

wasiimcisco · ‎09-04-2008

I follow this, but only locally created users are able to connet not the ACS users.

I am authenticating the users via external ACS Radius server but failed.

Secondly when i connect via SSL VPN local users are not able to see IP address that is provided by the VPN concentrator.

I want SSL VPN to do remote desktop on my lan servers and also do the ssh/telnet to few database servers.

Please tell me how to define these servers in ssl vpn.

wasiimcisco · ‎09-06-2008

Can anybody help me regarding this matter

Farrukh Haroon · ‎09-06-2008

Did u follow the instructions in the link I gave you?

Regards

Farrukh

wasiimcisco · ‎09-06-2008

yes i follow the instructions. I am able to connect via local users created in VPN concentrator, but not able to connect via External AAA servers.

ALso i want to user access my exchange server and do the remote desktop to other windwos servers and telnet/ssh on to my database servers.

Right now only IPsec remote access vpn users are able to do all the above mention server connection.

I want AAA users do all things. Please tell me how to do this.