cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1276
Views
0
Helpful
10
Replies

SSL VPN Clientless

priscille
Level 1
Level 1

hello All,

I would like to know if, in confuring an SSL VPN Clientless mode, servers I need to access should be directly connected to the VPN Gateway?

Thank you in advance.

1 Accepted Solution

Accepted Solutions

ajay chauhan
Level 7
Level 7

Servers can be anywhere in the network but routing should be in place to reach them from VPN gateway.

Thanks

Ajay

View solution in original post

10 Replies 10

ajay chauhan
Level 7
Level 7

Servers can be anywhere in the network but routing should be in place to reach them from VPN gateway.

Thanks

Ajay

Thanks Ajay,

when I try to connect to the servers, the following error message appears:

        "Connection Error

Unable to connect to server x.x.x.x

.The server may not exist, or access to it may not be allowed."

But the server does exist.

Further more, the first day I configure and tested the SSL VPN Clientless It worked with Window Vista, but today it does not worked. It never worked with Window 7, but it works with Windows XP.

Please some one tell me: Does the SSL VPN Clientless, have opérating system compatibility problem??

I thought we needed just a web browser which accepts SSL.

thanks.

I dont think any restriction is there for clientless SSL VPN based on OS. I would suggest if it worked earlier then while connecting you should look at logs. Also see when you connect from Vista what error do you get on browser.

Thanks

Ajay

The following is the message the browser returns ( for Vista and 7):

" Unable to connect

   Firefox can't establish a connection to the server at x.x.x.x (VPN gateway public adress).

  The site could be temporarily unavailable or too busy. Try again in a few

    moments.

  If you are unable to load any pages, check your computer's network

    connection.

  If your computer or network is protected by a firewall or proxy, make sure

    that Firefox is permitted to access the Web."

when I tried later I recieved the same error message. Also I have disabled all the firewalls (the one for window and that of my Antivirus) I have.

Thanks.

Seems to be issue only with Firefox clear cache/delete cookies. Also uncheck if any proxy is configured should resolve may be reboot is required.

Thanks

ajay

Thank you Ajay for your help,

I have just done what you suggest, but nothing. I have the same error with Internet Explorer and Google Chrome.

Yet, when I'm in the LAN, the connection works normally but when I try to connect from outside of the LAN, it doesn't work, and I can not even ping the router.

Now, when the connection is successful, through XP, I can not access the servers I defined. I thought, eventhough I do not have accesses to those servers I could at least see the authentification interface of those servers. this is the message that appears:

   "Connection Error

Unable to connect to server x.x.x.x

.The server may not exist, or access to it may not be allowed."

best regards

Hi,

I would suggest you should post your configuration so that someone can look into that.

Thanks

Ajay

These are the configurations I typed:

   Authentification

configure terminal

aaa new-model

aaa authentication login sslvpn local

username xxxxx secret xxxxxx

username xxxxx secret xxxxxxxx

    Gateway Configuration :

conf t

webvpn gateway Gateway

ip address x.x.x.x port 443

http-redirect port 80

ssl encryption 3des-sha1

inservice

end

    Contexte Configuration

conf t

webvpn context Context

aaa authentication list sslvpn 

gateway Gateway domain xxxx.xxx

inservice

max-users 2

end

   Policy configuration :

conf t

webvpn context Context

policy group DefaultPolicy

banner "Welcome To The SSL VPN Service"

exit

default-group-policy DefaultPolicy

    Customisation of the SSL VPN Portal:

conf t

webvpn context Context

login-message “sitetest”

title “testsite”

secondary-color darkseagreen

title-color #808080

text-color white

secondary-text-color black

exit

   idle and session timeout

conf t

webvpn context Context

policy group DefaultPolicy

timeout idle 100

timeout session 36000

    Clientless Configuration:

conf t

webvpn context SecContext

url-list ListForClientlessUsers

url-text “Server1” url-value https:// x.x.x.x

url-text "Server2" url-value https://xxx.xxx.xxx

heading “ClientlessAccess”

exit

conf t

ip name-server x.x.x.x

Thanks.

Hello All,

Concerning my OS problem with the Clientless SSL VPN, if I disable the Firewall of the LAN, will it solve the prblem? 

Thanks.

When I disable the firewall on the router, the VPN worked. So the solution is to allow access on the gateway, through the https port.

thanks.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: