Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
527
Views
0
Helpful
5
Replies

SSL VPN in Concentrator

wasiimcisco
Level 1
Level 1

‎08-01-2008 03:10 PM

I have 3020 vpn concentrator with 4.x IOS. I am not able to acces this concentrator on its publich IP. I have enable the publich management access, webvpn access. I have even so mnay times disable and enable the public interface, reboot the concentrator but still not able to access it via public IP address. I am getting page cant disaply error.

on my second office my concentrator is working fine and there is no issue in access this concentrator via its publich IP address.

Please help me out how to solve this problem.

Labels:
0 Helpful
5 Replies 5

Marwan ALshawi
VIP Alumni
VIP Alumni

‎08-02-2008 03:42 AM

according to cisco press

if you are using WebVPN for remote access and you want to use HTTPS for management access on the concentrator, you'll need to go into the concentrator's public interface (Configuration > Interfaces > Ethernet2 (Public)) and click the Allow Management HTTPS sessions check box. Also click the Redirect HTTP to HTTPS check box to enhance your security, redirecting any HTTP access to HTTPS. Then, to access the concentrator's public interface for management access, enter either of the following URLs in your web browser's address bar:

https://public_interface_address/admin.html

https://public_interface_address/access.html

good luck

please, if helpful Rate

0 Helpful

wasiimcisco
Level 1
Level 1
In response to Marwan ALshawi

‎08-02-2008 06:17 AM

no luck still not working, I have two more concentrators at different sites they are working fine. only this concentrator is giving me problem, enable and disable web management but still not luck, i even once again restart the concentrator clear cache on the switch but still not working.

0 Helpful

Marwan ALshawi
VIP Alumni
VIP Alumni
In response to wasiimcisco

‎08-02-2008 06:22 AM

for more info

To change or modify these management access applications, go to Configuration > System > Management Protocols. I would recommend that you disable HTTP and Telnet and only use HTTPS or SSH because these encrypt the management traffic from the administrator's desktop to the concentrator. To set this up, click the XML hyperlink on this page. XML allows you to enable management via HTTP or XML via HTTPS. By default, HTTPS and SSH are dropped on the public interface by this interface's filter. You could add these rules to the filter manually, but it's much easier to click the check boxes on this screen and let the concentrator automatically add themif you already have enabled WebVPN, HTTPS will already be enabled and will be grayed out on this screen. From this screen, you can optionally restrict who is allowed to come into the public interface via HTTPS or SSH.

also try to use deffrent PC

check if there is a filter ACL or somthing on the concentrator or any device in the path

good luck

0 Helpful

Marwan ALshawi
VIP Alumni
VIP Alumni
In response to wasiimcisco

‎08-02-2008 06:48 AM

for more info

To change or modify these management access applications, go to Configuration > System > Management Protocols. I would recommend that you disable HTTP and Telnet and only use HTTPS or SSH because these encrypt the management traffic from the administrator's desktop to the concentrator. To set this up, click the XML hyperlink on this page. XML allows you to enable management via HTTP or XML via HTTPS. By default, HTTPS and SSH are dropped on the public interface by this interface's filter. You could add these rules to the filter manually, but it's much easier to click the check boxes on this screen and let the concentrator automatically add themif you already have enabled WebVPN, HTTPS will already be enabled and will be grayed out on this screen. From this screen, you can optionally restrict who is allowed to come into the public interface via HTTPS or SSH.

also try to use deffrent PC

check if there is a filter ACL or somthing on the concentrator or any device in the path

good luck

0 Helpful

wasiimcisco
Level 1
Level 1
In response to Marwan ALshawi

‎08-02-2008 01:50 PM

no luck simply headache. dont know what the hell is wrong. Two concentrators are working fine only third one is giving me problem. tried all the things that u mentioned dont know what is getting wrong. disable and enable http,https, restart and even regenerate the ssl certifcate. but not able to access the concentrator via public interface IP address.

I check the public interface filter setting it is the same as i have on rest of the concentrator. Publich filter is allow http,https traffic.

What else left.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents