ASA 8.0(4) Clientless VPN http to different port

joerggrau · ‎12-22-2009

I am setting up a ASA 5510 8.0(4) to eventually replace our current VPN 3000 series concentrators.

Everything is working great, except for one link. I am trying to make the following kind of link work:

http://10.10.10.12:1494

I am allowing it in my WebACLs, but I get the same "resource not available" everytime.

I can get to the same server using http to port 80, but as soon as I try to http to a different port I am dead in the water.

Any help would be appreciated.

Thanks

Joerg

hdashnau · ‎12-28-2009

One idea -- you may have a web type acl that is blocking communication to this server on this port through the webvpn. Web type acls are configured in ASDM 6.x under Configuration>Remote Access VPN>Clientless SSL>Advanced>Web ACLs

joerggrau · ‎12-29-2009

I tried it with web ACLs and without them. I tried multiple ACLs. I specifically allowed the connection in the same manner I allow other HTTP servers, whose destination ports are the standard ones (i.e. 80), I tried an any allowed, and I tried without using any Web ACLs. The result is still the same. I get a failed connection and the message that the server is not available. This kind of http to a different port works just fine in the old VPN 3010s.

Thanks

---

Joerg Grau