Mozilla Firefox not work on Cisco WEBVPN

IW work great, but when I test with FIrefox, the bookmarked pages do not work.. The page starts to open but does not complete
domain-name asa.com
enable password  encrypted
passwd  encrypted
names
!
interface GigabitEthernet0/0
 description Inside Interface
 nameif inside
 security-level 100
 ip address ccc.ccc.231.55 255.255.255.0 
!
interface GigabitEthernet0/1
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet0/2
 shutdown
 no nameif
no security-level
 no ip address
!
interface GigabitEthernet0/3
 description Outside interface
 nameif outside
 security-level 0
 ip address ddd.ddd.176.53 255.255.255.224 
!
interface Management0/0
 shutdown
 nameif management
 security-level 100
 no ip address
 management-only
!
!
time-range WorkHours
 periodic weekdays 6:00 to 18:00
!
boot system disk0:/asa804-32-k8.bin
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns domain-lookup inside
dns domain-lookup management
dns server-group DefaultDNS
 name-server eee.eee.96.1
 name-server eee.eee.96.15
 domain-name email.com
access-list outside_access_in remark TW
access-list outside_access_in extended permit ip host fff.fff.155.236 any time-range WorkHours 
access-list outside_access_in extended deny ip any any 
access-list inside_authentication remark Radius Authentication Rule
access-list inside_authentication extended permit tcp host fff.fff.155.236 any time-range WorkHours 
access-list inside_authentication extended permit udp any host ccc.ccc.231.62 
access-list webvpn-list webtype permit tcp host eee.eee.58.140 eq https
access-list webvpn-list webtype permit tcp host eee.eee.4.37 eq https
access-list webvpn-list webtype permit tcp eee.eee.4.64 255.255.255.192 eq lotusnotes
access-list webvpn-list webtype permit tcp eee.eee.4.64 255.255.255.192 eq www
access-list webvpn-list webtype permit tcp host eee.eee.68.59 eq www
access-list webvpn-list webtype permit tcp host eee.eee.4.2 eq www
access-list webvpn-list webtype permit tcp host 199.184.31.50 eq www
access-list webvpn-list webtype permit tcp host 199.184.31.51 eq www
access-list webvpn-list webtype permit tcp host eee.eee.6.2 eq https
access-list webvpn-list webtype permit tcp host ccc.ccc.0.44 eq https
access-list webvpn-list webtype permit tcp ccc.ccc.14.112 255.255.255.240 eq www
access-list webvpn-list webtype permit tcp host eee.eee.6.4 eq https
access-list webvpn-list webtype permit tcp host eee.eee.4.10 eq www
access-list webvpn-list webtype permit tcp host ddd.ddd.176.8 eq https
access-list webvpn-list webtype permit tcp host ccc.ccc.14.107 eq www
access-list webvpn-list webtype permit tcp host ccc.ccc.14.107 eq https
access-list webvpn-list webtype permit tcp host ccc.ccc.14.107 range 7008 7009
access-list webvpn-list webtype permit tcp host eee.eee.4.2 eq https
access-list webvpn-list webtype permit tcp host eee.eee.4.45 eq https
access-list webvpn-list webtype permit tcp host eee.eee.4.121 eq 4001
access-list webvpn-list webtype permit tcp host eee.eee.4.142 eq www
access-list webvpn-list webtype permit tcp host eee.eee.4.142 eq https
access-list webvpn-list webtype permit tcp host eee.eee.4.142 range 7008 7009
access-list webvpn-list webtype permit tcp host ccc.ccc.14.17 eq www
access-list webvpn-list webtype permit tcp host ccc.ccc.14.17 eq https
access-list webvpn-list webtype permit tcp host ccc.ccc.14.17 range 7008 7009
access-list webvpn-list webtype permit tcp host eee.eee.4.22 eq 9090
access-list webvpn-list webtype permit tcp host eee.eee.4.24 eq 9090
access-list webvpn-list webtype permit tcp host eee.eee.6.5 eq https log default
access-list webvpn-list webtype permit tcp host eee.eee.12.6 eq www log default
access-list webvpn-list webtype permit tcp host eee.eee.4.211 eq https log default
access-list webvpn-list webtype deny tcp any log default
access-list webvpn-list webtype deny url any log default
pager lines 24
logging enable
logging timestamp
logging monitor notifications
logging buffered notifications
logging trap debugging
logging history debugging
logging asdm notifications
logging host inside ccc.ccc.231.8
mtu inside 1500
mtu outside 1500
mtu management 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
icmp permit any inside
asdm image disk0:/asdm-621.bin
asdm history enable
arp timeout 14400
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 ddd.ddd.176.227 1
route inside eee.eee.0.0 255.255.0.0 ccc.ccc.231.62 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
aaa-server Radius protocol radius
 accounting-mode simultaneous
 interim-accounting-update
aaa-server Radius (inside) host eee.eee.4.7
 timeout 30
 key see/rad
aaa-server Radius (inside) host ccc.ccc.14.84
 timeout 30
 key see/rad
aaa authentication match inside_authentication inside Radius
http server enable
http eee.eee.0.0 255.255.0.0 inside
http redirect outside 80
no snmp-server location
no snmp-server contact
snmp-server community *****
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
no crypto isakmp nat-traversal
telnet eee.eee.97.26 255.255.255.255 inside
telnet eee.eee.97.136 255.255.255.255 inside
telnet eee.eee.96.3 255.255.255.255 inside
telnet timeout 5
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics port
threat-detection statistics protocol
threat-detection statistics access-list
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
ntp server ccc.ccc.231.62 source inside prefer
webvpn
 enable outside
group-policy SSLWEBVPN internal
group-policy SSLWEBVPN attributes
 vpn-tunnel-protocol l2tp-ipsec webvpn
 webvpn
  url-list value Shortcuts
  filter value webvpn-list
  customization value SSLWebLogin
group-policy DfltGrpPolicy attributes
 vpn-tunnel-protocol IPSec l2tp-ipsec 
group-policy DOHWebVPN internal
group-policy DOHWebVPN attributes
 vpn-tunnel-protocol webvpn
tunnel-group DefaultRAGroup general-attributes
 authentication-server-group Radius
 default-group-policy SSLWEBVPN
tunnel-group DefaultWEBVPNGroup general-attributes
 authentication-server-group Radius LOCAL
 default-group-policy SSLWEBVPN
tunnel-group SSLWEBVPN type remote-access
tunnel-group SSLWEBVPN general-attributes
 authentication-server-group Radius LOCAL
 default-group-policy SSLWEBVPN
tunnel-group SSLWEBVPN webvpn-attributes
 customization SSLWebLogin
 group-url https://email.email.com enable
 group-url https://email.email.com/go/apple.email.com/mailjump.nsf enable
 group-url https://email.email.com/go/apple.email.com/mailjump2.nsf enable
 group-url https://email.email.com/go/portal.email.com~ssl/https://travel.email.com enable
 group-url https://email.email.com/gp/portal.email.com~ssl enable
 group-url https://email.email.com/latsweb enable
 group-url https://email.email.com/password enable
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map 
  inspect ftp 
  inspect h323 h225 
  inspect h323 ras 
  inspect rsh 
  inspect rtsp 
  inspect esmtp 
  inspect sqlnet 
  inspect skinny  
  inspect sunrpc 
  inspect xdmcp 
  inspect sip  
  inspect netbios 
  inspect tftp 
!
service-policy global_policy global
prompt hostname context

Open in new window

axl13Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

bignewfCommented:
what version of firefox? Have you tried upgrading it to the latest version, including the latest java updates? I use firefox all the time with webvpn without issues.
Could you post some errors from the event logs when this happens?
0
axl13Author Commented:
I am running version 3.5... I believe this is the lastest version... When I do get a pop message box stating to enable JAVA, but that option is already checked...
0
axl13Author Commented:
not sure where the event log is???
0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

bignewfCommented:
windows event log- right-click on my computer>manage>event viewer>application

also enable logging in the pix/asa
in the asdm gui go to logging>enable logging>enable logging for webvpn.
post the output
0
axl13Author Commented:
Here is the logs for the asa:

Jul 14 10:23:08 192.168.231.55 Jul 14 2009 10:23:08: %ASA-6-302014: Teardown TCP connection 30975 for outside:24.97.155.236/1838 to identity:192.135.176.53/443 duration 0:00:10 bytes 15350 TCP Reset-O
Jul 14 10:23:08 xx.xx.231.55 Jul 14 2009 10:23:08: %ASA-6-302014: Teardown TCP connection 30975 for outside:xx.xx.155.236/1838 to identity:xx.xx.176.53/443 duration 0:00:10 bytes 15350 TCP Reset-O
Jul 14 10:23:08 xx.xx.231.55 Jul 14 2009 10:23:08: %ASA-6-725007: SSL session with client outside:xx.xx.155.236/1838 terminated.
Jul 14 10:23:08 xx.xx.231.55 Jul 14 2009 10:23:08: %ASA-6-725007: SSL session with client outside:xx.xx.155.236/1838 terminated.
0
axl13Author Commented:
I think this has something to do with the smart tunnaling... The bookmarks all have smart tunning enabled, but the address bar does not....And when I use the address bar, it works....
0
axl13Author Commented:
Looks like smart tunneling only work s for FIrefox 1.X... Is there a work around...
0
bignewfCommented:
depending on how your webvpn is configured, smart tunnelling is a separate option. You can configure links in webvpn to work directly from the browser by publishing website links linked to webvpn tunnel groups. A user would not need smart tunneling, and would only have to click on the bookmark. This works fine with firefox, even works with firefox on linux distros. Smart tunneling is more useful for rdp access without having to configure port forwarding.

I have smarttunnel working with firefox 3.011 with no issues on both vista and win xp, so it sounds like it is a browser issue. Have you tried different firefox versions .1.X  on the pc's you are testing? I recommend updated to version 3.0
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
axl13Author Commented:
I was able to get firefox to work before your post.. I installed 1.0 and then 2.0, then I reinstalled 3.5 and it worked... As for the smart tuneling, I needed to do this so that when a user click on a bookmark, a new window would open up... That is the way our security dept wants to do it... Unless there is another way to pop up the window???
0
axl13Author Commented:
I will give you credit for the answer... I had o reinstall firefox 3.5 and it started working... Thanks
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VPN

From novice to tech pro — start learning today.