Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

WEBVPN always connect by anyconnect

Hi

I'm settin up the WebVPN/SSL connection on ASA 5520. The anyconnect and IPSec is working fine. BUt when u try to connect by webvpn, My connecion always connecteb by sslanyconnect.

I set on group police this line

svc ask enable default webvpn timeout 10

But eve if the "web" doesn't show the question for me and connect automatically by ssl anyconnect..

My ios is asa832-k8.bin and anynnoect client is anyconnect-win-2.5.0217-k9.pkg

Somebody can help me ?

Thanks

8 REPLIES
Super Bronze

Re: WEBVPN always connect by anyconnect

What license do you have for the SSL VPN? Can you please share the output of "show version"?

New Member

Re: WEBVPN always connect by anyconnect

This is my show version

Cisco Adaptive Security Appliance Software Version 8.3(2)
Device Manager Version 6.3(4)

Compiled on Fri 30-Jul-10 17:49 by builders
System image file is "disk0:/asa832-k8.bin"
Config file at boot was "startup-config"

gfispo01 up 3 days 15 hours

Hardware:   ASA5520, 2048 MB RAM, CPU Pentium 4 Celeron 2000 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash M50FW016 @ 0xfff00000, 2048KB

Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
                             Boot microcode   : CN1000-MC-BOOT-2.00
                             SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03
                             IPSec microcode  : CNlite-MC-IPSECm-MAIN-2.06
0: Ext: GigabitEthernet0/0  : address is 68ef.bdb1.4e12, irq 9
1: Ext: GigabitEthernet0/1  : address is 68ef.bdb1.4e13, irq 9
2: Ext: GigabitEthernet0/2  : address is 68ef.bdb1.4e14, irq 9
3: Ext: GigabitEthernet0/3  : address is 68ef.bdb1.4e15, irq 9
4: Ext: Management0/0       : address is 68ef.bdb1.4e11, irq 11
5: Int: Not used            : irq 11
6: Int: Not used            : irq 5

Licensed features for this platform:
Maximum Physical Interfaces    : Unlimited      perpetual
Maximum VLANs                  : 150            perpetual
Inside Hosts                   : Unlimited      perpetual
Failover                       : Active/Active  perpetual
VPN-DES                        : Enabled        perpetual
VPN-3DES-AES                   : Enabled        perpetual
Security Contexts              : 2              perpetual
GTP/GPRS                       : Disabled       perpetual
SSL VPN Peers                  : 10             perpetual
Total VPN Peers                : 750            perpetual
Shared License                 : Disabled       perpetual
AnyConnect for Mobile          : Disabled       perpetual
AnyConnect for Cisco VPN Phone : Disabled       perpetual
AnyConnect Essentials          : Enabled        perpetual
Advanced Endpoint Assessment   : Disabled       perpetual
UC Phone Proxy Sessions        : 2              perpetual
Total UC Proxy Sessions        : 2              perpetual
Botnet Traffic Filter          : Disabled       perpetual
Intercompany Media Engine      : Disabled       perpetual

This platform has an ASA 5520 VPN Plus license.

Serial Number: JMX1421L46T
Running Permanent Activation Key: 0x4d0ac668 0x90d52bc7 0xc1a2fd98 0xcb10d0e4 0x4d0df39c
Configuration register is 0x1
Configuration last modified by enable_15 at 20:05:20.525 BRST Fri Sep 17 2010

New Member

Re: WEBVPN always connect by anyconnect

How you can see, my licenses are ok

SSL VPN Peers                  : 10             perpetual

I don't know what more i have to do

New Member

Re: WEBVPN always connect by anyconnect

Look at this line from your show version output:

AnyConnect Essentials          : Enabled        perpetual

New Member

Re: WEBVPN always connect by anyconnect

So I'll have to disable this license ? I wanna use the three options, ipsec, ssl and webvpn

New Member

Re: WEBVPN always connect by anyconnect

IF you want to have a clientless "Portal", yes.

New Member

Re: WEBVPN always connect by anyconnect

I again

Even if i disable this license, is it possible connect by anyconnect if I want ?

Many thanks ?

New Member

Re: WEBVPN always connect by anyconnect

Issue the sh vpn-sessiondb summary command.

you may see a license information, which differs from your SSL-VPN peers in the show version.

If you "disable" the anyconnect essential you will fall back to the amount of users shown in the show version for SSL-VPN peers.

603
Views
0
Helpful
8
Replies