Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
529
Views
0
Helpful
2
Replies

IOS SSL VPN...Is it even possible?

fieryhail
Level 1
Level 1

‎03-07-2010 06:34 PM

Hello all,

I have a 3745 router with IOS AdvEnterprise 12.4-15-T6 and am trying to deploy SSL VPN over it.  I've heard varying reports, some say it is possible, others say it is not.  It seems that the 3745 is a strange router of sorts, kind of falls in the middle of the x600 series and the x800 series.  I am using SDM 2.5 and I have installed the sslvpn-win SVC manually on the router, yet when a user goes the the web page and attempts to open a full tunnel, the java app never completes.  I'm really stumped on this.  The end result is to enable access to a CallManager in the system from abroad, using IP Communicaotr.  EasyVPN would be fine but alas no support for Windows x64.  Any help on this would be greatly appreciated.  Thanks again.

Labels:
0 Helpful
2 Replies 2

fieryhail
Level 1
Level 1

‎03-07-2010 06:44 PM

Some addition information:

Some debug:

000455: *Oct 28 08:04:49.643 GMT:

000456: *Oct 28 08:04:49.643 GMT:

000457: *Oct 28 08:04:49.643 GMT: WV-TUNL: Tunnel CSTP Version recv  use 1

000458: *Oct 28 08:04:49.643 GMT: WV-TUNL: Allocating tunl_info

000459: *Oct 28 08:04:49.643 GMT: WV-TUNL: Allocating stc_config

000460: *Oct 28 08:04:49.643 GMT: WV-TUNL: Allocating address 192.168.110.58 from local pool

000461: *Oct 28 08:04:49.643 GMT: WV-TUNL: Cannot find IDB for IP address 192.168.110.58 in table 0

000462: *Oct 28 08:04:49.643 GMT: WV-TUNL: Returning address 192.168.110.58 to pool

000463: *Oct 28 08:04:49.643 GMT: WV-TUNL: Failed to config IP addr (192.168.110.58) to VRF Table (0)

000464: *Oct 28 08:04:49.643 GMT: HTTP/1.1 401 Unauthorized

000465: *Oct 28 08:04:49.643 GMT:

000466: *Oct 28 08:04:49.643 GMT:

000467: *Oct 28 08:04:49.643 GMT:

000468: *Oct 28 08:05:05.899 GMT: WV-TUNL: Tunnel context (0x661EF4B8) is removed from session (0x661FF800)

000469: *Oct 28 08:05:05.899 GMT: WV-TUNL: Deallocating tunnel info 0x68EE81D8

RCS-3745#

RCS-3745#

RCS-3745#

RCS-3745#

RCS-3745#

000470: *Oct 28 08:05:33.091 GMT:

000471: *Oct 28 08:05:33.091 GMT:

000472: *Oct 28 08:05:33.091 GMT: WV-TUNL: Tunnel CSTP Version recv  use 1

000473: *Oct 28 08:05:33.091 GMT: WV-TUNL: Allocating tunl_info

000474: *Oct 28 08:05:33.091 GMT: WV-TUNL: Allocating address 192.168.110.59 from local pool

000475: *Oct 28 08:05:33.091 GMT: WV-TUNL: Cannot find IDB for IP address 192.168.110.59 in table 0

000476: *Oct 28 08:05:33.091 GMT: WV-TUNL: Returning address 192.168.110.59 to pool

000477: *Oct 28 08:05:33.091 GMT: WV-TUNL: Failed to config IP addr (192.168.110.59) to VRF Table (0)

000478: *Oct 28 08:05:33.091 GMT: HTTP/1.1 401 Unauthorized

000479: *Oct 28 08:05:33.095 GMT:

000480: *Oct 28 08:05:33.095 GMT:

000481: *Oct 28 08:05:33.095 GMT:

000482: *Oct 28 08:05:49.423 GMT: WV-TUNL: Tunnel context (0x661EF4B8) is removed from session (0x661FF800)

000483: *Oct 28 08:05:49.423 GMT: WV-TUNL: Deallocating tunnel info 0x68EE81D8

000484: *Oct 28 08:07:33.679 GMT:

000485: *Oct 28 08:07:33.679 GMT:

000486: *Oct 28 08:07:33.679 GMT: WV-TUNL: Tunnel CSTP Version recv  use 1

000487: *Oct 28 08:07:33.679 GMT: WV-TUNL: Allocating tunl_info

000488: *Oct 28 08:07:33.679 GMT: WV-TUNL: Allocating address 192.168.110.60 from local pool

000489: *Oct 28 08:07:33.683 GMT: WV-TUNL: Cannot find IDB for IP address 192.168.110.60 in table 0

000490: *Oct 28 08:07:33.683 GMT: WV-TUNL: Returning address 192.168.110.60 to pool

000491: *Oct 28 08:07:33.683 GMT: WV-TUNL: Failed to config IP addr (192.168.110.60) to VRF Table (0)

000492: *Oct 28 08:07:33.683 GMT: HTTP/1.1 401 Unauthorized

000493: *Oct 28 08:07:33.683 GMT:

000494: *Oct 28 08:07:33.683 GMT:

000495: *Oct 28 08:07:33.683 GMT:

The error I get is The SSL VPN HTTP Response code received from the gateway indicates an error, contact your network administrator. 
If there is additional info I can provide please let me know. 

0 Helpful

KARUPPUCHAMY MALAIYANDI
Level 4
Level 4
In response to fieryhail

‎03-07-2010 06:51 PM

Hi,

Yes. Cisco 3745 router with An advanced image of Cisco IOS Software Release 12.4(6)T or           later will support SSL VPN.

Find the URL that will help you to configure webvpn in your cisco router.

http://www.cisco.com/en/US/products/ps6496/products_configuration_example09186a008071c58b.shtml

Regards

Karuppu

0 Helpful
Customers Also Viewed These Support Documents