SSL Vpn passthrough

Posted on 2009-12-21
Last Modified: 2012-05-08
I have an ASA 5505 that I have just replaced an old Netscreen 5GT with.  Everything on the ASA is working great except for one thing.  When we try to connect to remote SSL vpn devices from behind the ASA it will not let us connect.  We can get to the web page without issues, but once we login it just hangs and never connects.  Are there any settings on an ASA that would allow passthrough of this traffic?

I can post the configuration of the important part of our firewall if needed.  Thank you in advance.
Question by:wcoil
    LVL 32

    Accepted Solution


    Are you saying you are connecting from behind the ASA to a remote SSL VPN device somewhere outside your location? If so is the entire flow 443 traffic? i would log denied packets and watch to see what is getting denied.

    harbor235 ;}

    Author Comment

    Thank you for your reply.  Yes we are behind an ASA 5505 and are trying to SSL vpn to another location that has a cisco device and requires SSL vpn login.  I will take a look at the logs and see what it comes back with and let everyone know.

    Author Comment

    Sorry it took me so long to get back to this.  It turns out that my customers ssl connection will not work even outside of his ASA 5505.  I am going to award the points to harbor235 since he replied to me.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Hello All, I have been training on Multicast for a while now and whenever I start the topic , I find out that my friends /  Colleagues mention that they do not know how to test Multicast Joins. As most of the multicast would be video traffic and …
    Before I go to far, let's explain HA (High Availability) and why you should consider it.  High availability is the mechanism used to provide redundancy to any service at the same site and appears as a single service to the users of that service.  As…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now