cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4646
Views
0
Helpful
5
Replies

SSL WEB VPN cannot login

franpena2008
Level 1
Level 1

Good morning,

I am trying to deploy an SSL VPN in ASA 8.0, I have allow access in public interface and configured radius authentication.

I have debug radius in asa and I see authentication is OK, i also checked from asa test radius button and works for authentication but

it does not work for authorization.

I have already configured a local user in radius server.

Thanks for your help.

Best regards

Fran

2 Accepted Solutions

Accepted Solutions

You could possibly be hitting a license limit if a couple of sessions did not disconnect properly and you only have the default of 2 SSL licenses.. Do "show ver" to see how many webvpn licenses you have. Also try "vpn-sessiondb logoff all" to clear any existing connections.

-heather

View solution in original post

P.S. If I have answered your question please mark the post as resolved  and rate the responses. This helps us more easily identify which  questions remain unanswered and let us know how we are doing. Thanks in  advance!

View solution in original post

5 Replies 5

Jennifer Halim
Cisco Employee
Cisco Employee

What do you mean by it does not work for authorization?

If you just want to authenticate user to connect via SSL VPN, you do not need to configure authorization.

Please remove the authorization, and just test with authentication.

Please also make sure that you have applied the authentication-server-group for radius on the tunnel-group that you are using for SSL VPN.

Authentication seems to be working OK ,

I see radius server authenticates me when I type user and password.

Also checked with debug radius in ASA and passed.

But in web browser window a message appears: login failed

Any clue?

Thanks for your help

Fran

2010/5/20 halijenn :

FRAN PENA MARTINEZ,

>

A new message was posted in the Discussion thread "SSL WEB VPN cannot login":

>

https://supportforums.cisco.com/message/3076323#3076323

>

Author  : halijenn

Profile : https://supportforums.cisco.com/people/halijenn

>

Message:

I have tried even with an local user configured in ASA and same message in web browser login incorrect: login failed

I have removed all config and tried again using ssl vpn wizard, defined a local user, same problem , login failed

You could possibly be hitting a license limit if a couple of sessions did not disconnect properly and you only have the default of 2 SSL licenses.. Do "show ver" to see how many webvpn licenses you have. Also try "vpn-sessiondb logoff all" to clear any existing connections.

-heather

P.S. If I have answered your question please mark the post as resolved  and rate the responses. This helps us more easily identify which  questions remain unanswered and let us know how we are doing. Thanks in  advance!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: