Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Clientless VPN Connection

ASA version: 8.2(1), ASDM version: 6.2(1), Device Type ASA 5540

I use the Wizard to create a clientless VPN. When I try to access VPN, it will not display a logon banner. I get page can not be displayed.

webvpn
 enable OUTSIDE
 svc image disk0:/anyconnect-win-2.3.0254-k9.pkg 1
 svc enable
 tunnel-group-list enable
group-policy DfltGrpPolicy attributes
 vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpn
 webvpn
  url-list value LSWMDD
group-policy SABVPN internal
group-policy SABVPN attributes
 banner none
 vpn-tunnel-protocol webvpn
group-policy DLADAPS internal
group-policy DLADAPS attributes
 dns-server value 206.30.20.10 206.30.20.8
 vpn-idle-timeout none
 vpn-session-timeout none
 vpn-tunnel-protocol IPSec svc
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value DLADAPS
 default-domain value nanw.ds.army.mil
group-policy AIRFORCEVPN internal
group-policy AIRFORCEVPN attributes
 dns-server value 206.30.20.10 206.30.20.8
 vpn-idle-timeout none
 vpn-session-timeout none
 vpn-tunnel-protocol IPSec
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value AIRFORCEVPN_splitTunnelAcl
 default-domain value nanw.ds.army.mil
group-policy DOLWMDDVPN internal
group-policy DOLWMDDVPN attributes
 dns-server value 206.30.20.10 206.30.20.8
 vpn-idle-timeout none
 vpn-session-timeout none
 vpn-tunnel-protocol IPSec svc webvpn
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value DOLWMDDVPNCLIENT_splitTunnelAcl
 default-domain value nanw.ds.army.mil
 webvpn
  url-list none
username John.M password cQan8plLN9eaLZU. encrypted privilege 5
username John.M attributes
 vpn-group-policy DLADAPS
 service-type admin
username AIRFORCEVPN password 25ypW8Yr10fxCJSa encrypted privilege 5
username AIRFORCEVPN attributes
 vpn-group-policy AIRFORCEVPN
username John.Doe password LCiP9VY.Q4v4nCb6 encrypted privilege 15
tunnel-group DOLWMDDVPN type remote-access
tunnel-group DOLWMDDVPN general-attributes
 address-pool DOLWMDDIPPOOL
 default-group-policy DOLWMDDVPN
tunnel-group DOLWMDDVPN ipsec-attributes
 pre-shared-key *
tunnel-group DLADAPS type remote-access
tunnel-group DLADAPS general-attributes
 address-pool DOLWMDDIPPOOL
 default-group-policy DLADAPS
tunnel-group DLADAPS ipsec-attributes
 pre-shared-key *
tunnel-group AIRFORCEVPN type remote-access
tunnel-group AIRFORCEVPN general-attributes
 address-pool DOLWMDDIPPOOL
 default-group-policy AIRFORCEVPN
tunnel-group AIRFORCEVPN ipsec-attributes
 pre-shared-key *
tunnel-group 131.78.30.200 type ipsec-l2l
tunnel-group 131.78.30.200 ipsec-attributes
 pre-shared-key *
tunnel-group SABVPN type remote-access
tunnel-group SABVPN general-attributes
 address-pool DOLWMDDIPPOOL
 default-group-policy SABVPN
tunnel-group SABVPN webvpn-attributes
 group-alias SABVPN enable
 group-url https://140.153.60.170/SABVPN enable
!

Everyone's tags (1)
1 REPLY

Hello, I see that the public

Hello,

 

I see that the public IP address you are using is not accessible from the outside at all, make sure that you are using the default port for this --> 443, also just to isolate this, enable the access of the clientless from your inside interface and try to access it by the inside IP address on your inside network:

 webvpn
  enable inside

 

Try to open the clientless, it that opens it seems that you are having issues with the port on that case, either ways we can take a capture from the Outside IP address to the public IP address of the outside computer:

 

capture CAP interface outside match tcp host <Outside_IP_ASA> host <Public_IP_COMPUTER>

 

Let me know how it works out, 

 

Don't Forget to rate and mark as correct the helpful Post!

David Castro,

Regards,

 

49
Views
0
Helpful
1
Replies
CreatePlease to create content