IOS SSL VPN (problems / which files are needed on the flash)

Mar 3rd, 2009

Hi,

For the IOS SSL VPN, I need to know which files are needed on the router flash.

Is any home.shtml needed?

I've used the following info to configure the Cisco 2821 router:

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6657/white_paper_c07-372106_ps6657_Products_White_Paper.html

I've installed the

sslclient-win-1.1.4.179-anyconnect.pkg

BUT WHEN I TRY TO CONNECT TO THE ROUTER https://xxx.20.yyy.156/tunnel THE ROUTER TELLS ME:

Mar 3 17:25:24 Rome: WV-SDPS: Sev 1:sdps_sslvpn_send_ssl_func(),line 484:SDPS Assertion failed :!ret

Mar 3 17:25:24 Rome: %SSLVPN-5-SSL_TLS_ERROR: vw_ctx: UNKNOWN vw_gw: sslvpn i_vrf: 0 f_vrf: 0 status: SSL/TLS connection error with remote at xxx.244.yyy.87:2634

The config follows:

webvpn gateway sslvpn
 hostname sslvpn
 ip address xxx.20.yyy.156 port 443
 ssl encryption aes-sha1
 ssl trustpoint local
 logging enable
 inservice
 !
webvpn install svc flash:/webvpn/svc_1.pkg sequence 1
 !
webvpn context context-sslvpn1
 ssl authenticate verify all
 !
 url-list "eng"
   url-text "wwwin-eng" url-value "http://wwwin-eng.cisco.com"
 !
 nbns-list "cifs-servers"
   nbns-server 172.16.1.1 master
   nbns-server 172.16.2.2 timeout 10 retries 5
   nbns-server 172.16.3.3 timeout 10 retries 5
 login-message "unauthorized access to this network device is prohibited."
 !
 port-forward "portlist"
   local-port 30019 remote-server "ssh-server" remote-port 22 description "SSH"
   local-port 30021 remote-server "mailserver" remote-port 110 description "POP3"
   local-port 30022 remote-server "mailserver" remote-port 25 description "SMTP"
   local-port 30020 remote-server "mailserver" remote-port 143 description "IMAP"
 !
 policy group policy-sslvpn1
   url-list "eng"
   port-forward "portlist"
   nbns-list "cifs-servers"
   functions file-access
   functions file-browse
   functions file-entry
   citrix enabled
 default-group-policy policy-sslvpn1
 gateway sslvpn domain clientless
 user-profile location flash:webvpn/sslvpn/context-sslvpn1
 inservice
!
!
webvpn context context-sslvpn2
 ssl authenticate verify all
 !
 !
 policy group policy-sslvpn2
   functions svc-enabled
   svc address-pool "WEBVPN"
   svc default-domain "cisco.com"
   svc keep-client-installed
   svc dpd-interval gateway 30
   svc rekey method new-tunnel
   svc split include 10.0.0.0 255.255.255.0
   svc dns-server primary 192.168.3.1
   svc dns-server secondary 192.168.4.1
 default-group-policy policy-sslvpn2
 aaa authentication list clientauth
 gateway sslvpn domain tunnel
 user-profile location flash:webvpn/sslvpn/context-sslvpn2
 logging enable
 inservice
!
end

sslvpn#

Regards.

Roberto Taccon

smalkeric Mon, 03/09/2009 - 07:28

This will be resolved in 2.4.18 of the AnyConnect client. You may want to try the 2.2+ version of AnyConnect as a potential workaround.
