Can't HTTPS to Cisco 3000 VPN Public Interface

Posted on 2005-03-28
Medium Priority
Last Modified: 2010-04-10
We have a Cisco 3000 VPN at a remote site that I can ping but can't access the GUI through HTTPS or telnet into on the Public interface.  The Private interface logon is accessible to users via HTTPS at this office but we have no admins onsite.  I set up an identical VPN at my desk and can access the the Public interface through HTTPS.  Is anyone aware of any settings that allows HTTPS access on the Public interface that I'm missing?  The VPN is behind a router with ACLs in place but none that should block HTTPS.
Question by:choupiqueliqueur
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
LVL 11

Assisted Solution

Jase-Coder earned 1000 total points
ID: 13643422
The VPN is behind a router with ACLs in place but none that should block HTTPS

you might have to include a explicit option for allowing external users to access the gui because the acl has an implicit deny if no conditions are met in the acl.
LVL 13

Expert Comment

ID: 13643426
Has 443 been changed?  
If you have any server on site, can you remote to the server and then access the concentrator for troubleshooting?
LVL 13

Accepted Solution

gpriceee earned 1000 total points
ID: 13643463
Check your interface filters too:
The filter governs the handling of data packets through this interface: whether to forward or drop, in accordance with configured criteria. Cisco supplies three default filters that you can modify and use with the VPN Concentrator. You can configure filters on the Configuration | Policy Management | Traffic Management screens.

Click the drop-down menu button and choose the filter to apply to this interface:

1. Private (Default) = Allow all packets except source-routed IP packets. Cisco supplies this default filter for Ethernet 1, but it is not selected by default.

2. Public (Default) = Allow inbound and outbound tunneling protocols plus ICMP and VRRP. Allow fragmented IP packets. Drop everything else, including source-routed packets. Cisco supplies this default filter for Ethernet 2, and it is selected by default for Ethernet 2.

3. External (Default) = No rules applied to this filter. Drop all packets. Cisco supplies this default filter for Ethernet 3, but it is not selected by default.

-None- = No filter applied to the interface, which means there are no restrictions on data packets. This is the default selection for Ethernet 1 and 3.

Other filters that you have configured also appear in this menu.


Featured Post

Enroll in August's Course of the Month

August's CompTIA IT Fundamentals course includes 19 hours of basic computer principle modules and prepares you for the certification exam. It's free for Premium Members, Team Accounts, and Qualified Experts!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question