06-27-2014 02:01 AM - edited 02-21-2020 07:42 PM
Hi There,
im setting up the Anyconnect VPN Solution in our Lab enviroment.
It’s still a test but I’m suffering several Problems.
One of them is that connecting without Webbrowers is not working from Windows XP und Linux. Windows 7 works without problems.
Setup:
Cisco 3945 Router for VPN HUB (IOS c3900e-universalk9-mz.SPA.154-2.T.bin)
Cisco ACS in background for AAA User Authentification
Several Contexts ( ADMIN / User / External Support / ect.)
Problem:
When Connecting via Webbrowser to my VPN url https://example.myvpn.com/mycontext the Website appear and I can authentificate successfully to the Tacacs.
After that the Automatic download / upgrade of the latest VPN client start und the Client connects successfully ( WIN XP / LINUX / WIN7)
That’s the part that works perfectly!
When I try to connect manually from the Client (Not the Browser) I have some issues:
Win7:
I have to change the VPN URL to "example.myvpn.com/mycontext" and it is working perfectly!
The Client stores the new URL and I’m done.
Win XP:
It will not work.
Error Message: the anyconnect package on the secure gateway could not be located
(Remark: opening from Browser is working!)
Linux:
It will not work.
Error Message: Connection attempt has timed out. Please verify Internet connectivity.
(Remark: opening from Browser is working!)
Config:
webvpn gateway Cisco-WebVPN-Gateway
ip address 1.1.1.1 port 443
ssl encryption rc4-md5
ssl trustpoint server_lwvpn
inservice
!
!
!
!
webvpn context mycontext
title "Welcome to mycontext Generic User Context"
login-photo none
logo file flash:/mycontext.png
secondary-color white
title-color #96bf0d
text-color black
login-message "Welcome to mycontext Generic User Context"
aaa authentication list sslvpn
aaa authentication domain @mycontext
gateway Cisco-WebVPN-Gateway domain mycontext
max-users 20
!
ssl authenticate verify all
!
url-list "rewrite"
inservice
!
policy group webvpnpolicy-mycontext
functions svc-enabled
functions svc-required
svc address-pool "mycontext-vpn-pool" netmask 255.255.255.0
svc rekey method new-tunnel
default-group-policy webvpnpolicy-mycontext
!
end
Thanks for your help!
06-30-2014 12:58 PM
When using Ubuntu I'd try OpenConnect, the Linux alternative for AnyConnect.
07-01-2014 01:37 AM
What version of AnyConnect are you using for Windows and Linux?
Have you downloaded and installed the Linux version of AnyConnect on the ASA?
--
Please remember to select a correct answer and rate helpful posts
07-14-2014 12:54 AM
Hi,
Im Using a Router (3945).
The Installed versions on the router are:
anyconnect-win-3.1.05170-k9.pkg
anyconnect-linux-3.1.05160-k9.pkg
anyconnect-linux-64-3.1.05160-k9.pkg
Thanks for your help!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide