Hi all, i post again a question Posted by ronin2307 on Nov 27, 2007, 9:40am PST
I HAVE THE SAME ISSUE WITH 8.0.3 release!
we have a fairly simple configuration running on our ASA and try to make use of the webvpn on occasion. The feature used to work great with 7.2, but after we upgraded to 8.0 we started having problems.
Basically an user (network admin) can log in through the webvpn interface (authenticated by a RADIUS server) and see the links to network shares we provide, click on them and at that point the user is promptedfor credentials again. upon entering them then message comes up that the access to the resources has been blocked due to security reasons.
Now to me that makes no sense whatsoever. I have already run the following command:
auto-signon allow ip 192.168.1.0 255.255.255.0 auth-type ntlm
to try to prevent the second credentials prompt but to doesn't do anything.
I also tried to capture the webvpn traffic, according to the user manual, but now i have a zip file that contains bunch of files, I cannot read (except notepad, but that doesn't help a lot). Ethereal will not open the files. I couldn't get to display the capture in the browser as described in the manual.
can anybody give me an idea on what to do to troubleshoot this problem? Thank you very much.
For single sign on using NTLM on a webVPN set up, you need to ensure you configure it through the command line. Did you use the ASDM for this single sign on? To configure auto-signon for all WebVPN users to servers with IP addresses ranging from
10.1.1.0 to 10.1.1.255 using NTLM authentication, for example, enter the following
hostname(config-webvpn)# auto-signon allow ip 10.1.1.1 255.255.255.0 auth-type ntlm
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :