
SSL VPN with client, anyconnect.

hanwucisco
Level 1

I've set up a simple test on SSL VPN with client on a 3800.

It didn't work. I assume I have to turn on the IP http server so that the client can hit it.

But when I turned it on, the client goes to SDM; nothing with SSL VPN happened. It tells me the page is not available.

The underlying routing is fine.

Could you tell me where it is configured wrong?

Config is copied below.

Thanks,

Han

=======

Current configuration : 3340 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Router

!

boot-start-marker

boot-end-marker

!

enable password cisco

!

aaa new-model

!

!

aaa authentication login default local

!

!

aaa session-id common

no network-clock-participate slot 1

!

crypto pki trustpoint TP-self-signed-3551041125

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-3551041125

revocation-check none

rsakeypair TP-self-signed-3551041125

!

!

crypto pki certificate chain TP-self-signed-3551041125

certificate self-signed 01

quit

dot11 syslog

!

!

ip cef

!

!

!

multilink bundle-name authenticated

!

voice-card 0

no dspfarm

!

!

username cisco1 privilege 15 secret 5 $1$L2RA$Zqs6FLce5Ns5fny5aRL49/

!

!

archive

log config

hidekeys

!

interface GigabitEthernet0/0

ip address dhcp

duplex auto

speed auto

media-type rj45

end

interface Loopback1

ip address 1.1.1.1 255.255.255.0

!

interface GigabitEthernet0/0

ip address dhcp

duplex auto

speed auto

media-type rj45

!

!

ip local pool svc-poll 1.1.1.50 1.1.1.100

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 192.168.1.254

!

!

ip http server

no ip http secure-server

!

control-plane

!

line con 0

logging synchronous

line aux 0

line vty 0 4

!

scheduler allocate 20000 1000

!

!

webvpn gateway SSLVPN

ip interface GigabitEthernet0/0 port 443

ssl trustpoint local

inservice

!

webvpn install svc flash:/webvpn/svc.pkg

!

webvpn context SSLVPN

ssl authenticate verify all

!

!

policy group default

   functions svc-required

   svc default-domain "test.org"

   svc keep-client-installed

   svc split dns "primary"

default-group-policy default

gateway SSLVPN

inservice

!

end

1 Reply

andrew.prince
Level 10

Using the SDM, follow the config example below:

http://www.cisco.com/en/US/products/ps6496/products_configuration_example09186a008071c58b.shtml

The text "cisco 3800 ssl vpn configuration" in my favorite search engine identified the above.

HTH
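
A cross-reference check over the configuration posted in the question, as an added example that is not part of the original thread: it reports names that are used but never defined, or defined but never used, plus two management-plane settings visible in the post. The function name `lint_webvpn` and the finding texts are assumptions of this example; the config lines are excerpted from the post, and `svc address-pool` is the IOS policy-group command that binds an address pool.

```python
import re

# Excerpt of the configuration posted in the question (certificate body omitted).
POSTED_CONFIG = """\
enable password cisco
crypto pki trustpoint TP-self-signed-3551041125
 enrollment selfsigned
ip local pool svc-poll 1.1.1.50 1.1.1.100
ip http server
no ip http secure-server
webvpn gateway SSLVPN
 ip interface GigabitEthernet0/0 port 443
 ssl trustpoint local
 inservice
webvpn context SSLVPN
 policy group default
   functions svc-required
   svc default-domain "test.org"
 default-group-policy default
 gateway SSLVPN
 inservice
"""


def lint_webvpn(config):
    """Cross-reference names in an IOS WebVPN config and return findings."""
    lines = [ln.strip() for ln in config.splitlines()]

    def grab(pattern):
        # First capture group of every line that matches the pattern in full.
        return [m.group(1) for ln in lines if (m := re.fullmatch(pattern, ln))]

    findings = []
    defined_tps = set(grab(r"crypto pki trustpoint (\S+)"))
    for tp in grab(r"ssl trustpoint (\S+)"):
        if tp not in defined_tps:
            findings.append(f"trustpoint '{tp}' is referenced but not defined")
    used_pools = set(grab(r'svc address-pool "?([^"\s]+)"?.*'))
    for pool in grab(r"ip local pool (\S+) .*"):
        if pool not in used_pools:
            findings.append(f"pool '{pool}' is defined but no policy group uses it")
    if any(ln.startswith("enable password ") for ln in lines):
        findings.append("enable password is used instead of enable secret")
    if "ip http server" in lines and "no ip http secure-server" in lines:
        findings.append("management HTTP is on while the HTTPS server is off")
    return findings


if __name__ == "__main__":
    for finding in lint_webvpn(POSTED_CONFIG):
        print("-", finding)
```

The findings are consistency observations about the posted text only; they do not replace the configuration example linked in the reply.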
