Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cisco ASA 5510 8.2 Clientless VPN Error !!

Hello !!

I  m posting this subject seeking support, well i have been trying to set  up a clientless vpn connection on my ASA 5510, but every time i apply  the configuration and try it, it's not working and i can't figure out  the reason , i have been using GNS3 for a 5520 ASA and i could set up  the Clientless VPN but on the live production FW which is a 5510 i  always get an error page saying the requested url was not found, in  addition that when typing the URL i get redirected to other sub folder,  for exemple when going to https://X.X.X.X/webpn i will go under https://X.X.X.X/admin/webvpn,

I  m using ASDM to set up the config but in this case i will print the  command brief for the config i have done using ASDM alose but i want to  mention that i didn't check the outside interface for this time to allow  connection profile coming from the outside, i usually do this but i  maybe forgot this time, any way it didn't work for me in both cases,

I  want to mention one last thing before the config, i changed the https  acces port from 443 to 60443 for security but i also tried accessing  https:/:X.X.X.X:60443/webvpn with the same error page

      username jneji password 39oh91mbAyDw0FqP encrypted privilege 2

      username jneji attributes

        service-type remote-access

        group-lock value WebVPN-Connection-Profile

        webvpn

          hidden-shares none

          file-entry enable

          file-browsing enable

          url-entry enable

      username jneji attributes

        vpn-group-policy WebVPNPolicy

      group-policy WebVPNPolicy internal

      group-policy WebVPNPolicy attributes

        vpn-access-hours none

        vpn-simultaneous-logins 3

        vpn-tunnel-protocol webvpn

        banner none

        banner value Hello World !!

      tunnel-group WebVPN-Connection-Profile type remote-access

      tunnel-group WebVPN-Connection-Profile general-attributes

        default-group-policy WebVPNPolicy

      tunnel-group WebVPN-Connection-Profile webvpn-attributes

        group-alias WebVPN enable

        group-url https://X.X.X.X/webvpn enable

I did ceated the group policy first, the connection profile and finaly the user and linked them all together,

feel free to ask any question

Thanks in advance.

Cordially

Everyone's tags (3)
5 REPLIES
VIP Green

Cisco ASA 5510 8.2 Clientless VPN Error !!

You do not have the following configuration in your output...add this and test again.

webvpn

  enable outside

--

Please rate all helpful posts.

--

Please remember to rate and select a correct answer
VIP Green

Cisco ASA 5510 8.2 Clientless VPN Error !!

where outside is the name of the interface that you want the VPN to terminate on.

--

Please rate all helpful posts

--

Please remember to rate and select a correct answer
New Member

Cisco ASA 5510 8.2 Clientless VPN Error !!

Hello

I have adjusted the config as you suggested

      webvpn

        enable outside

      username JNEJI password XXkekkYMLpfun3!9ujxtYWy4RS4PzH9eZgf encrypted privilege 2

      username JNEJI attributes

        service-type remote-access

        group-lock value WebVPN-Connection-Profile

        vpn-group-policy WebVPN-Policy

      group-policy WebVPN-Policy internal

      group-policy WebVPN-Policy attributes

        vpn-access-hours none

        vpn-simultaneous-logins 3

        vpn-tunnel-protocol webvpn

        webvpn

          hidden-shares none

          file-entry enable

          file-browsing enable

          url-entry enable

      group-policy WebVPN-Policy attributes

        banner none

        banner value THIS IS A PRIVATE NETWORK SYSTEM !!!

      tunnel-group WebVPN-Connection-Profile type remote-access

      tunnel-group WebVPN-Connection-Profile general-attributes

        default-group-policy WebVPN-Policy

      tunnel-group WebVPN-Connection-Profile webvpn-attributes

        group-alias WebVPN enable

        group-url https://X.X.X.X/webvpn enable

But its not working,

BTW i have found a static nat rule saying to rediredt all traffic comming on HTTPS port to an old web server IP and i deleted it, but still dont work

Here the image of the error attached

VIP Green

Cisco ASA 5510 8.2 Clientless VPN Error !!

Do you get to the login screen or do you get the 404 error right away?

--

Please remember to rate and select a correct answer
VIP Green

Cisco ASA 5510 8.2 Clientless VPN Error !!

I think this is your issue

group-url https://X.X.X.X/webvpn enable

You have specified a group-policy that is not configured.  Change it to the following and test.

group-url https://X.X.X.X/WebVPN-Policy enable

--

Please rate all helpful posts.

--

Please remember to rate and select a correct answer
306
Views
0
Helpful
5
Replies
CreatePlease login to create content