telnet and http server for ipsec clients

Answered Question
Sep 28th, 2010
User Badges:

Hi,


Trying to get telnet and http server available for ipsec clients.This is from my config:


http server enable

http 10.180.1.0 255.255.255.0 inside <-- LAN

http 10.180.20.0 255.255.255.0 outside <-- VPN pool


VPN client can connect to LAN hosts, but not to the LAN asa IP 10.180.1.254. The ASA does not seem to listen to an IP at the vpn pool 10.180.20.0/24 either.


What am I missing here?

Correct Answer by Panos Kampanakis about 6 years 5 months ago

Also make sure you have enabled the http server.

If still you can't connect enable the "http" debugs and sylogs to get more details.


PK

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
mirober2 Tue, 09/28/2010 - 07:45
User Badges:
  • Cisco Employee,

Also, you'll need to update your 'http' and 'telnet' commands to include the IP addresses of the VPN clients.


-Mike

Correct Answer
Panos Kampanakis Wed, 09/29/2010 - 11:13
User Badges:
  • Cisco Employee,

Also make sure you have enabled the http server.

If still you can't connect enable the "http" debugs and sylogs to get more details.


PK

3moloz123 Thu, 09/30/2010 - 05:38
User Badges:

When I connect with ASDM, I do get the warning about security certificate, "do you want to trust this publisher?", but when I click yes it cant connect.

Telnet behaves pretty much the exact same way, it does connect but the session is immediately resetted - so the telnet windows flashes quickly which is NOT the case if the port is not open for me.

Panos Kampanakis Thu, 09/30/2010 - 06:12
User Badges:
  • Cisco Employee,

I would suggest using the "debug http" to see what the ASA reports when you try ASDM.


PK

3moloz123 Wed, 10/27/2010 - 04:29
User Badges:

Hi,


it has been a while. Here's output of 'debug http 255':


HTTP: processing ASDM request [/admin/version.prop] (aware_webvpn_conf.re2c:414)
HTTP: Do not check session. Reasons: not required=[0], no AAA=[1], IPv6=[0]
HTTP: processing ASDM request [/admin/version.prop] (aware_webvpn_conf.re2c:414)
HTTP: Do not check session. Reasons: not required=[0], no AAA=[1], IPv6=[0]
HTTP: processing ASDM request [/idm/idm.jnlp/] (aware_webvpn_conf.re2c:414)
HTTP: Do not check session. Reasons: not required=[0], no AAA=[1], IPv6=[0]
HTTP: processing ASDM request [/idm/idm.jnlp/] (aware_webvpn_conf.re2c:414)
HTTP: Do not check session. Reasons: not required=[0], no AAA=[1], IPv6=[0]


The user is level 15




Sorry, it works now. Was http server that listened on wrong interface :-)

Actions

This Discussion