Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Cannot access external webvpn

Hello, I hope someone can help me. Users on the inside of a ASA 5510 cannot access an external webvpn site. I have allowed https on the outside interface as well as on the inside interface. Is there anything that I am missing? I have attached a portion of the logs.


Cisco Employee

Re: Cannot access external webvpn

Your topology is unclear (ie is the external webvpn site on this ASA or on some other ASA or IOS router). If you only have one ASA, with webvpn enabled on the outside of this ASA and you are trying to access it from inside, this will not work (you would need to have webvpn enable on the inside interface as you wont be able to reach the webvpn on the outside interface from the inside).

Community Member

Re: Cannot access external webvpn

I apologise for not being clear. No, the webvnp is not on this ASA. It is hosted out on the internet (dont know what device) and the users on the inside LAN are trying to access it through this ASA.

Re: Cannot access external webvpn

you have allowed https for outside as well as inside.

Did you try for users inside the network to use the inside ip address to https ?

And for outside the network Oustde ip address of firewall .

It should work :)

Hope this helps

Community Member

Re: Cannot access external webvpn

I am not sure what you mean. I have https allowed on the inside interface for internal users going out to the internet and I have https allowed on the outside interface for external traffic coming into the private network. Would it be possible for you to point me in the direction of a example configuration?

your input is much appreciated, thanks.

Re: Cannot access external webvpn

Check the print screen.

Inside =

Outside =

Local LAN users needs to to access webvpn.

Outside Users can use https

CreatePlease to create content