Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Url not working when connected with vpn with some users, others do??

Hi,

We use two ASA's 5550 and the anyconnect client to build up a vpn connection. When users are connected to the ASA's some users of the same policy cannot access www.zonmw.nl (nothing will be displayed), others can. When we disconnect vpn the site is accessable.

What could be the problem here, we tried everything.

Could someone else try, with his anyconnect vpn connection to try and connect to this site?

thx,

Marc

9 REPLIES
Super Bronze

Re: Url not working when connected with vpn with some users, oth

1) Are you 100% sure that the user that connects via AnyConnect is assigned the same policy? Can you double check for both users (ie: the one that can connect to "www.zonmw.nl" and the user that can't) by issuing: show vpn-sessiondb svc filter name

2) Do you have split tunnel configured for the AnyConnect?

3) Just confirming that "www.zonmw.nl" is a webserver on the Internet, not hosted behind the ASA?

New Member

Re: Url not working when connected with vpn with some users, oth

Hi,

1) Yep 100% the same, we use AD groups and we checked the radius server logs.

2) Split tunnel is not allowed in our policies

3) yes it's a webserver on the internet.

thx

Marc

New Member

Re: Url not working when connected with vpn with some users, oth

User who can't access:

Session Type: SVC

Username     : xxx.xxxxx           Index        : 13441

Assigned IP  : 1XX.1XX.1XX.2XX        Public IP    : 1XX.XXX.XXX.XXX

Protocol     : Clientless SSL-Tunnel DTLS-Tunnel

License      : SSL VPN

Encryption   : RC4 AES256             Hashing      : SHA1

Bytes Tx     : 552209                 Bytes Rx     : 131830

Group Policy : ICTS-Netwerken         Tunnel Group : DefaultWEBVPNGroup

Login Time   : 13:31:19 CEDT Tue Apr 20 2010

Duration     : 0h:01m:40s

Inactivity   : 0h:00m:00s

NAC Result   : Unknown

VLAN Mapping : N/A                    VLAN         : none

User who can:

Session Type: SVC

Username     : zzzz.zzz       Index        : 22757

Assigned IP  : 1XXXXXXXX         Public IP    : XXXXXXXXX

Protocol     : Clientless SSL-Tunnel DTLS-Tunnel

License      : SSL VPN

Encryption   : RC4 AES256             Hashing      : SHA1

Bytes Tx     : 2035733                Bytes Rx     : 644081

Group Policy : ICTS-Netwerken         Tunnel Group : DefaultWEBVPNGroup

Login Time   : 13:32:45 CEDT Tue Apr 20 2010

Duration     : 0h:03m:03s

Inactivity   : 0h:00m:00s

NAC Result   : Unknown

VLAN Mapping : N/A                    VLAN         : none

Super Bronze

Re: Url not working when connected with vpn with some users, oth

Thanks. Looks exactly the same.

I notice however that both users are using DTLS (UDP/443) for the AnyConnect connection, and when i try to browse to that website, it seems to be a little bit slow to respond. For the user who can't connect to that website, can you try to force it to connect via TLS (TCP/443) and try if the user can browse to that website?

New Member

Re: Url not working when connected with vpn with some users, oth

Hi,

Ok tried that no luck, still not displaying the website.

thx,

Marc

___________________________________________________________________________________________________________________________

Session Type: SVC

Username     : xxxxxxx          Index        : 22767

Assigned IP  : xxxxxxxxxxxx        Public IP    : xxxxxxxxxxxxx

Protocol     : Clientless SSL-Tunnel

License      : SSL VPN

Encryption   : RC4 AES256             Hashing      : SHA1

Bytes Tx     : 891388                 Bytes Rx     : 107493

Group Policy : ICTS-Netwerken         Tunnel Group : DefaultWEBVPNGroup

Login Time   : 13:46:28 CEDT Tue Apr 20 2010

Duration     : 0h:02m:43s

Inactivity   : 0h:00m:00s

NAC Result   : Unknown

VLAN Mapping : N/A                    VLAN      

New Member

Re: Url not working when connected with vpn with some users, oth

When we wait we see this displayed in the browser:

Error 101 (net::ERR_CONNECTION_RESET): Unknown error.

New Member

Re: Url not working when connected with vpn with some users, oth

If the user where it works, logs in with vpn on the pc of the user where it doesn't work, it also doesn't work for him.

Super Bronze

Re: Url not working when connected with vpn with some users, oth

Same ISP connection or different ISP connection?

New Member

Re: Url not working when connected with vpn with some users, oth

Same ISP, but also tried other ISP's the same result. Looks like a problem on the workstations where it does not work.

But there are many, workstations and laptops of the company but also home computers. Very strange this .....

926
Views
0
Helpful
9
Replies