09-17-2010 03:37 PM - edited 03-11-2019 11:42 AM
Hi
I'm settin up the WebVPN/SSL connection on ASA 5520. The anyconnect and IPSec is working fine. BUt when u try to connect by webvpn, My connecion always connecteb by sslanyconnect.
I set on group police this line
svc ask enable default webvpn timeout 10
But eve if the "web" doesn't show the question for me and connect automatically by ssl anyconnect..
My ios is asa832-k8.bin and anynnoect client is anyconnect-win-2.5.0217-k9.pkg
Somebody can help me ?
Thanks
09-17-2010 05:45 PM
What license do you have for the SSL VPN? Can you please share the output of "show version"?
09-20-2010 06:24 AM
This is my show version
Cisco Adaptive Security Appliance Software Version 8.3(2)
Device Manager Version 6.3(4)
Compiled on Fri 30-Jul-10 17:49 by builders
System image file is "disk0:/asa832-k8.bin"
Config file at boot was "startup-config"
gfispo01 up 3 days 15 hours
Hardware: ASA5520, 2048 MB RAM, CPU Pentium 4 Celeron 2000 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash M50FW016 @ 0xfff00000, 2048KB
Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
Boot microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.06
0: Ext: GigabitEthernet0/0 : address is 68ef.bdb1.4e12, irq 9
1: Ext: GigabitEthernet0/1 : address is 68ef.bdb1.4e13, irq 9
2: Ext: GigabitEthernet0/2 : address is 68ef.bdb1.4e14, irq 9
3: Ext: GigabitEthernet0/3 : address is 68ef.bdb1.4e15, irq 9
4: Ext: Management0/0 : address is 68ef.bdb1.4e11, irq 11
5: Int: Not used : irq 11
6: Int: Not used : irq 5
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 150 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Active perpetual
VPN-DES : Enabled perpetual
VPN-3DES-AES : Enabled perpetual
Security Contexts : 2 perpetual
GTP/GPRS : Disabled perpetual
SSL VPN Peers : 10 perpetual
Total VPN Peers : 750 perpetual
Shared License : Disabled perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
AnyConnect Essentials : Enabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
UC Phone Proxy Sessions : 2 perpetual
Total UC Proxy Sessions : 2 perpetual
Botnet Traffic Filter : Disabled perpetual
Intercompany Media Engine : Disabled perpetual
This platform has an ASA 5520 VPN Plus license.
Serial Number: JMX1421L46T
Running Permanent Activation Key: 0x4d0ac668 0x90d52bc7 0xc1a2fd98 0xcb10d0e4 0x4d0df39c
Configuration register is 0x1
Configuration last modified by enable_15 at 20:05:20.525 BRST Fri Sep 17 2010
09-20-2010 07:33 AM
How you can see, my licenses are ok
SSL VPN Peers : 10 perpetual
I don't know what more i have to do
09-20-2010 07:58 AM
Look at this line from your show version output:
AnyConnect Essentials : Enabled perpetual
09-20-2010 08:00 AM
So I'll have to disable this license ? I wanna use the three options, ipsec, ssl and webvpn
09-20-2010 08:07 AM
IF you want to have a clientless "Portal", yes.
09-20-2010 08:13 AM
I again
Even if i disable this license, is it possible connect by anyconnect if I want ?
Many thanks ?
09-21-2010 04:21 AM
Issue the sh vpn-sessiondb summary command.
you may see a license information, which differs from your SSL-VPN peers in the show version.
If you "disable" the anyconnect essential you will fall back to the amount of users shown in the show version for SSL-VPN peers.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide