Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

SSL VPN - alternative delivery methods

I just purchased a Concentrator 3005 and I'm not real thrilled with the SSLVPN delivery method.

I want to use the WebVPN portion without having to "skip" the SSLVPN installation portion, but from the WebVPN home page have a link to start the SSLVPN.

Is it possible to do something like that?

2 REPLIES
Bronze

Re: SSL VPN - alternative delivery methods

To access the WebVPN home page, you will first have to have the SSLVPN up and running between the concentrator and the PC. The configuration on WebVPN on the concentrator is very simple. The configuration guide has all that you will need.

http://www.cisco.com/univercd/cc/td/doc/product/vpn/vpn3000/4_1/config/tunnel.htm#1309313

http://www.cisco.com/univercd/cc/td/doc/product/vpn/vpn3000/4_1/config/webvpnap.htm

Also note that WebVPN is the Cisco name for the SSLVPN. They are one and the same.

New Member

Re: SSL VPN - alternative delivery methods

I'm not sure that's true with v4.7 anymore.

There is a configuration setting to "Enable SSL VPN", and when I click on this login proceeds like this:

1. Go to WebVPN site, login (I happen to be using Radius authentication)

2. After login, I get a page informing that SSL VPN is being installed. This process will attempt to deliver the VPN software via ActiveX and if that doesn't work it'll try Java.

3. Just above the installation graphic is a link saying to skip the SSL VPN installation and go to the WebVPN home page.

4. If you do nothing, the SSL VPN software installs successfully and the web page you have open CLOSES! You will also see an icon in the system tray and be connected to your network just like a IPSEC VPN.

5. If you click on the "skip" link you will then go to the WebVPN page. Problem here is that the skip doesn't work real well and you often get several prompts for security logins before the tool realizes you don't want that. In Firefox, the installation will actually HANG firefox if you skip it.

This is a very awkward way to deliver this functionality. What I'd like to be able to do, is have my users login to the WebVPN and get the home page. From there they can click on the SSL VPN link and THEN it'd install using ActiveX or Java.

Since this SSL VPN seems pretty new this may not be possible yet in which case I simply won't roll this feature out (I dislike the current delivery method THAT much!)

Thanks for the help!

105
Views
0
Helpful
2
Replies