Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Using SSL Clientless VPN to access a website across a site to site VPN

I have a client that has a 3rd party vendor needing access to a website that the client accesses over a site to site VPN.  Right now, the 3rd party vendor is using the Anyconnect client on some of their users computers.  However, some of the 3rd party vendors's users have laptops and the Anyconnect client conflicts with another piece of software on these laptops.

I have been trying (unsuccessfully) to get this website to work through the clientless ssl VPN webpage.  I have tried with and without smart-tunneling and have added the IP address of the outside interface to be natted to an IP address that is allowed to go over the site to site VPN.  I see the connection trying to be made, but it always fails.

This is what the connection would look like (I think):

remote user -> clientless ssl vpn page -> ASA -> site to site VPN (between client ASA and site where website is)

So, the remote user connects and logs into the clientless SSL vpn page and then I have a bookmark configured for them to click on and connect to the website.  Like I mentioned earlier, it doesn't matter if I use smart-tunneling or not, I can't get it to work.

I am not even sure if this is possible or I may just be missing something.

TIA for your help.


Re: Using SSL Clientless VPN to access a website across a site t

So is the request to the web server going through the site to site tunnel? Could you try adding the outside ip address of the ASA in the interesting traffic for the site to site tunnel and see if request is going through site to site tunnel? What is the nat that you have configured.?

CreatePlease to create content