Hi,
for the IOS SSL VPN need to know which files are needed on the router FLASH.
Is needed any home.shtml ?
I've used the following info to configure the cisco 2821 router:
http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6657/white_paper_c07-372106_ps6657_Products_White_Paper.html
I've installed the
sslclient-win-1.1.4.179-anyconnect.pkg
BUT WHEN I TRY TO CONNECT TO THE ROUTER https://xxx.20.yyy.156/tunnel THE ROUTER TELL ME:
Mar 3 17:25:24 Rome: WV-SDPS: Sev 1:sdps_sslvpn_send_ssl_func(),line 484:SDPS Assertion failed :!ret
Mar 3 17:25:24 Rome: %SSLVPN-5-SSL_TLS_ERROR: vw_ctx: UNKNOWN vw_gw: sslvpn i_vrf: 0 f_vrf: 0 status: SSL/TLS connection error with remote at xxx.244.yyy.87:2634
Following the config:
webvpn gateway sslvpn
hostname sslvpn
ip address xxx.20.yyy.156 port 443
ssl encryption aes-sha1
ssl trustpoint local
logging enable
inservice
!
webvpn install svc flash:/webvpn/svc_1.pkg sequence 1
!
webvpn context context-sslvpn1
ssl authenticate verify all
!
url-list "eng"
url-text "wwwin-eng" url-value "http://wwwin-eng.cisco.com"
!
nbns-list "cifs-servers"
nbns-server 172.16.1.1 master
nbns-server 172.16.2.2 timeout 10 retries 5
nbns-server 172.16.3.3 timeout 10 retries 5
login-message "unauthorized access to this network device is prohibited."
!
port-forward "portlist"
local-port 30019 remote-server "ssh-server" remote-port 22 description "SSH"
local-port 30021 remote-server "mailserver" remote-port 110 description "POP3"
local-port 30022 remote-server "mailserver" remote-port 25 description "SMTP"
local-port 30020 remote-server "mailserver" remote-port 143 description "IMAP"
!
policy group policy-sslvpn1
url-list "eng"
port-forward "portlist"
nbns-list "cifs-servers"
functions file-access
functions file-browse
functions file-entry
citrix enabled
default-group-policy policy-sslvpn1
gateway sslvpn domain clientless
user-profile location flash:webvpn/sslvpn/context-sslvpn1
inservice
!
!
webvpn context context-sslvpn2
ssl authenticate verify all
!
!
policy group policy-sslvpn2
functions svc-enabled
svc address-pool "WEBVPN"
svc default-domain "cisco.com"
svc keep-client-installed
svc dpd-interval gateway 30
svc rekey method new-tunnel
svc split include 10.0.0.0 255.255.255.0
svc dns-server primary 192.168.3.1
svc dns-server secondary 192.168.4.1
default-group-policy policy-sslvpn2
aaa authentication list clientauth
gateway sslvpn domain tunnel
user-profile location flash:webvpn/sslvpn/context-sslvpn2
logging enable
inservice
!
end
sslvpn#
Regards.
Roberto Taccon