ultreya
asked on
Problems with VPN
Set up a vpn client on the ASA (sslvpn). Enabled active x controls, and am able to log in to the Site. But when enabling the SSLVPN the client does NOT connect. I have gone through the steps
Trusted sites/allowing signed and unsigned active x controls.
Laptop was win xp dell inspirion with wireless...
Was able to connect to vpn, but could not ping or remote to any clients inside the network.
disabled wireless device, with no change.
Restored the original OS which is windows 7. performed same steps as above, but now only logs in, but does NOT load the SSLVPN client, and therefore can not connect.
Vista client connects with no issues. have matched IE options (active x and all other settings) with troubled laptop and still no connections.
Need help.
Trusted sites/allowing signed and unsigned active x controls.
Laptop was win xp dell inspirion with wireless...
Was able to connect to vpn, but could not ping or remote to any clients inside the network.
disabled wireless device, with no change.
Restored the original OS which is windows 7. performed same steps as above, but now only logs in, but does NOT load the SSLVPN client, and therefore can not connect.
Vista client connects with no issues. have matched IE options (active x and all other settings) with troubled laptop and still no connections.
Need help.
ASKER
Clientless portal.
What version ASA OS? Pre 8.3 does not support Windows 7 with the SSL client. AnyConnect works much better and works with Win7 both 32 and 64 bit..
ASKER
Firmware version: 1.0.15
Where do I find the OS version in the Configuration utility?
How would I go about installing the client for anyconnect?
We had a Cisco guy set this up but said anyconnect would not be available???
Only clientless portal.
Also was no help on troubleshooting this issue.
Where do I find the OS version in the Configuration utility?
How would I go about installing the client for anyconnect?
We had a Cisco guy set this up but said anyconnect would not be available???
Only clientless portal.
Also was no help on troubleshooting this issue.
But from the portal, what functions do you use? Port forwarding (application access)? URL-links, file browsing? Or do you actually start the anyconnect-client from the portal? It confuses me when you say that the client doesnt connect, cause when you use the portal there is no vpn client involved.
Can you post some screen dumps?
/Jimmy
Can you post some screen dumps?
/Jimmy
ASKER
Login
Select vpn tunnel on left
Click on Icon to launch vpn.
If all is successful (ish) you get a little green icon in task bar showing status of connection. I get that on mine, but the win7 or the win xp laptops do not.
loginIII.jpg
loginII.jpg
login.jpg
Select vpn tunnel on left
Click on Icon to launch vpn.
If all is successful (ish) you get a little green icon in task bar showing status of connection. I get that on mine, but the win7 or the win xp laptops do not.
loginIII.jpg
loginII.jpg
login.jpg
ASKER
and yes their posted backwards ... sorry
Small Business Pro is not ASA...
It must be SA-500 series....
Here is complete admin guide for the SA-500
http://www.cisco.com/en/US/docs/security/multi_function_security/multi_function_security_appliance/sa_500/administration/guide/SA500_AG_OL1911403.pdf
What model? 520? 540?
What version OS is running on it?
It must be SA-500 series....
Here is complete admin guide for the SA-500
http://www.cisco.com/en/US/docs/security/multi_function_security/multi_function_security_appliance/sa_500/administration/guide/SA500_AG_OL1911403.pdf
What model? 520? 540?
What version OS is running on it?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I am sorry it is an SA520W
The only thing the admin guide shows for client configurations are:
The user must ensure that Java, Java Script, Active-X controls are enabled or
allowed in the web browser settings.
This has been done on both the win7 and xp machines.
"What version OS is running on it?"
How do I find this in the configuration utility?
The only thing the admin guide shows for client configurations are:
The user must ensure that Java, Java Script, Active-X controls are enabled or
allowed in the web browser settings.
This has been done on both the win7 and xp machines.
"What version OS is running on it?"
How do I find this in the configuration utility?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thx for the idea nmcnair, I'll look at that just to be sure, however if it were a NAT issue, wouldn't it affect all users?
This current set up works for 3 other accounts and machines, just not 2 laptops reguardless of which account is used. 1 winxp and 1 win7.
This current set up works for 3 other accounts and machines, just not 2 laptops reguardless of which account is used. 1 winxp and 1 win7.
ASKER
It was a Routing issue.
The Private network where the originating VPN client connected was 192.168.1.0 and the host internal private network was 192.168.1.0. The vpn IP is 192.168.251.0
It appears that the traffic was trying to rout locally, rather than going through the VPN host range. Changed the IP of the Internal host to 192.168.20.0 and boom instant connect.
Thx, for the help.
The Private network where the originating VPN client connected was 192.168.1.0 and the host internal private network was 192.168.1.0. The vpn IP is 192.168.251.0
It appears that the traffic was trying to rout locally, rather than going through the VPN host range. Changed the IP of the Internal host to 192.168.20.0 and boom instant connect.
Thx, for the help.
/Jimmy