Clientless SSL w/ Anyconnect already in place

Unanswered Question
Oct 16th, 2009

I am currently using AnyConnect as an SSL VPN service for some outside vendors to access a few of our applications. Unfortunately some of them refuse to download software, so I need to setup a clientless solution.

I used the SSL VPN wizard and setup a new Clientless SSL connection. Whenever I try to login it tells me:

Clientless (browser) SSL VPN access is not allowed.

In the Syslog it lists these 2 warnings

4 Oct 16 2009 10:43:20 722050 Group <TestLicensing> User <ksoutherland> IP <> Session terminated: SVC not enabled for the user

4 Oct 16 2009 10:43:20 113019 Group = , Username = , IP =, Session disconnected. Session Type: , Duration: 0h:00m:00s, Bytes xmt: 0, Bytes rcv: 0, Reason: Unknown

If I enable the SVC it just proceeds to setup the Anyconnect session even though in the Group Policy I have the login setting to go straight to the Clientless SSL Portal. Any ideas on this?

Is it because I already use Anyconnect and IPSec on this interface as well? I was able to get a clientless session working on another ASA out at my Colo, but this one just won't seem to comply.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Todd Pula Thu, 10/22/2009 - 11:11

Can you post your config? Make sure that the webvpn tunnel protocol is enabled under the respective group policy.


This Discussion