Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

removing "webvpn" from config?

I have a 5520 that I am working on (8.2.2)....and in the config it has the line "webvpn".  How do I get rid of this since I have no vpn or webvpn configured on the FW?

Here is how it looks:

ntp server NTP
webvpn
username jeebus password t36djd3bz4sKT encrypted privilege 15

8 REPLIES
Cisco Employee

Re: removing "webvpn" from config?

Community Member

Re: removing "webvpn" from config?

I had actually already thought of that....

ASA5520(config)# sh run | inc webvpn
webvpn
ASA5520(config)# no webvpn
ASA5520(config)# wr mem
Building configuration...
Cryptochecksum: c9902289 d618d334 f41f9a36 a8ecfacc

18110 bytes copied in 3.370 secs (6036 bytes/sec)
[OK]
ASA5520(config)# sh run | inc webvpn
webvpn
ASA5520(config)#

Cisco Employee

Re: removing "webvpn" from config?

According to that link that I provided above:

To remove all commands entered in webvpn mode, use the no form of this command. These webvpn commands apply to the username or group policy from which you configure them.

Webvpn commands for group policies and usernames define access to files, MAPI proxy, URLs and TCP applications over WebVPN. They also identify ACLs and types of traffic to filter.

webvpn

no webvpn

WebVPN is disabled by default.

So, no webvpn will only remove all the lines that you have configured under it and looks like it will not remove the webvpn line from the config as it is disabled by default.

-KS

Community Member

Re: removing "webvpn" from config?

only one of my ASAs (about 20 of them) has this line in it.

Cisco Employee

Re: removing "webvpn" from config?

See what the diff. is between them.

sh ver and check the features.

-KS

Community Member

Re: removing "webvpn" from config?

one has a 4GE-SSM

thats the only difference between the two im looking at right now

Community Member

Re: removing "webvpn" from config?

I have a 5505 asa running on 9.1 and I am unable to remove webvpn.
GH-Rmte-ASA-5505# sh run | inc webvpn
webvpn
GH-Rmte-ASA-5505# config t
GH-Rmte-ASA-5505(config)# no webvpn
GH-Rmte-ASA-5505(config)# wr
Building configuration...
Cryptochecksum: 609e15ff 201fc047 5605b11f 86071161

13545 bytes copied in 1.590 secs (13545 bytes/sec)
[OK]
GH-Rmte-ASA-5505(config)# sh run | inc webvpn
webvpn
GH-Rmte-ASA-5505(config)# sh run webvpn
webvpn
anyconnect-essentials
GH-Rmte-ASA-5505(config)# wr
Building configuration...
Cryptochecksum: 609e15ff 201fc047 5605b11f 86071161

13545 bytes copied in 1.610 secs (13545 bytes/sec)
[OK]
GH-Rmte-ASA-5505(config)# sh run webvpn
webvpn
anyconnect-essentials
GH-Rmte-ASA-5505(config)#
Community Member

Re: removing "webvpn" from config?

I'm actually having the exact same issues.

I've got 2 ASAs, one being a 5505 with 9.2(4)14 and the other being a 5515 running 9.1(1). I give the no webvpn commands and it doesn't go away. I go into webvpn and then give the no anyconnect-essentials command and then exit webpn thinking that maybe removing configs within the webvpn config would help. I then try to remove wevpn afterwards again. still no dice.

2620
Views
0
Helpful
8
Replies
CreatePlease to create content