Cisco ASA5510 Clientless webportal problem

danhed7400 · ‎01-26-2012

hi.

i have a strange problem.

i have Redundant ASA5510 setup (active/passive)

users have been using IPsec and SSL vpn for a long time without any problem.

now some users want to be able to access bookmarks and company data through the Web portal.

i have enabled Clientless SSL VPN Access, and created a Connection profile, with clientless SSL VPN protocol enabled

when i access to outside of the ASA, im promtet for login, and after succesful login, it starts to download and install the Anyconnect client. and the portal never appers, i have change the option "default post login selection" to go to clientless SSL VPN portal, but i has no effect.

what am im missing ??, i have enabled the service before on other ASA firewall, without any problem, as i recall there`s no need for additional software on the ASA.

i have tried to manuel change the url to https://Domain.domain.dk/+CSCOE+/portal.html , after a succesful login, but it auto changes to

https://Domain.domain.dk/+CSCOE+/noportal.html

danhed7400 · ‎01-27-2012

no comment on this ?

RonJaws4-CTP · ‎04-26-2012

Hopefully you have figured this out by now, its been a few months. I had the same problem. You must disable anyconnect essentials in order to use Clientless VPN. I recommend checking with TAC on your license situation first and also testing to ensure both clientless and client vpn work after you make the change. See the screenshot below.

I hope this helps

mpfau · ‎03-09-2013

Hi Ron,

hi Dan,

I still run into the same problem after adding an AnyConnect Premium Peer License to an ASA which still have

AnyConnect Essentials License.

After configuring clientless vpn I run into the first issue: after successfully login with clientless vpn the anyconnect client downloader starts automatically every time. No matter that in every group-policy the 'Post Login Settings' are configured to 'Go to Clientless SSL VPN portal'.

I spent hours in troublehshooting and nothing helps. Even deleting all group-policies, tunnel-groups and webvpn configuration making the complete configuration step-by-step again is leading into the same problem.

Only when I toggle the 'Post Login Settings' to 'Prompt user to choose' I got the same issue as Dan:

Empty page on https://Domain.domain.de/+CSCOE+/portal.html

Then I found this thread and Rons answer. After disabling anyconnect essentials as Ron wrote the clientless vpn is working.

Many Thanks!

Michael

m-mostafa · ‎12-22-2013

dear sir

i need help with the clientless web vpn configuration through ASA 5520 with 7.2

I've done all the configuration on the asa and everything is working but still a problem with the port-forwarding which is on the client side the java don't wont to accept the certificate is there a solution for this problem

actually my goal for configuring the clientless webvpn is to allow telnet and remote desktop sessions

hope there is an answer

fturner94 · ‎04-08-2020

This is mainly for anyone who stumbles upon this now since it was never answered. I had this issue recently and after verifying "http server enable" was set, "Encryption-3DES-AES" was Enabled (show version) and I had access available from the subnet I was trying to access it from, I just changed the path to include the "/admin", (so https://x.x.x.x/admin) option and it allowed me to access the ASA.

I was just attempting to get to the web browser to download ASDM and ran into this, so hopefully this helps anyone doing a frantic google search!

alain.riesen · ‎02-14-2024

there might be a simple solution to this. It might be, that in the WebVPN configuration the secure client (anyconnect) image is missing.
Adding it with "anyconnect image flash:/<image>.pkg 1" did solve the problem for me.