Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2739
Views
0
Helpful
1
Replies

Clientless SSL w/ Anyconnect already in place

kyle.southerland
Level 1
Level 1

‎10-16-2009 07:46 AM - edited ‎02-21-2020 03:44 AM

I am currently using AnyConnect as an SSL VPN service for some outside vendors to access a few of our applications. Unfortunately some of them refuse to download software, so I need to setup a clientless solution.

I used the SSL VPN wizard and setup a new Clientless SSL connection. Whenever I try to login it tells me:

Clientless (browser) SSL VPN access is not allowed.

In the Syslog it lists these 2 warnings

4 Oct 16 2009 10:43:20 722050 Group <TestLicensing> User <ksoutherland> IP <10.12.10.203> Session terminated: SVC not enabled for the user

4 Oct 16 2009 10:43:20 113019 Group = , Username = , IP = 0.0.0.0, Session disconnected. Session Type: , Duration: 0h:00m:00s, Bytes xmt: 0, Bytes rcv: 0, Reason: Unknown

If I enable the SVC it just proceeds to setup the Anyconnect session even though in the Group Policy I have the login setting to go straight to the Clientless SSL Portal. Any ideas on this?

Is it because I already use Anyconnect and IPSec on this interface as well? I was able to get a clientless session working on another ASA out at my Colo, but this one just won't seem to comply.

0 Helpful
1 Reply 1

Todd Pula
Level 7
Level 7

‎10-22-2009 11:11 AM

Can you post your config? Make sure that the webvpn tunnel protocol is enabled under the respective group policy.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card