WebVPN - web page does not display corretcly

Felix Curinga · ‎02-17-2005

CLIENT <--- https --- VPN3005 --- http ---> SERVER

version 4.1.7

The HTTP header appears in the browser's display. Looks like the VPN3005 would start interpreting the HTTP header as html code.. Anybody has an idea ?

I found this in the bug tool, but my problem appears with all major browser types.

BugID: CSCef31966

Title: webvpn does not mangle pages correctly

Feature: software-3000

Version: 4.1

Integrated:

Severity: 3

State: A

gfullage · ‎02-17-2005

I'd say there's something in the HTML code in your header that the WebVPN mangler isn't interpreting properly.

For starters, I would recommend upgrading to 4.1.7D cause each new release of code has a lot of WEbVPn fixes in it (there's lots of "WebVPN doesn't work with www.somewebsite.com" type bugs that get fixed with each release).

Failing that, we would need to see the original HTML code and what the 3005 mangles it to via the WebVPN session. To do this, here is the process to enable WEBVPN logging. I would suggest that you enable this at the point where the web

page of concern is one click away, and then once the page has completed, then disable

the logging ie: only capture the one page and not other pages that you might

have to go to prior to the page of concern.

To do this, you need to go into the CLI via the console port. At the main

menu, follow this path to the WEBVPN logging options. The WEBVPN username is

needed, Capture all HTTP traffic, then once here, make sure that you are

just one click away from the page of interest, enable the logging, then wait

for the page to complete before disabling logging and then follow the same

process for the other two web pages. At this stage, it would be worthwhile

to also capture the WEBVPN events for completeness.

>From the main menu....

3, 2, 5, 1 {WEBVPN Username}, 2 {all http traffic}, 3

Here's a complete transaction..

############################

1) Configuration

2) Administration

3) Monitoring

4) Save changes to Config file

5) Help Information

6) Exit

VPN3060_UK: Main -> 3

1) Routing Table

2) Event Log

3) System Status

4) Sessions

5) General Statistics

6) Dynamic Filters

7) Back

VPN3060_UK: Monitor -> 2

1) Configure Log viewing parameters

2) View Event Log

3) Save Log

4) Clear Log

5) Configure WebVPN Logging

6) Back

VPN3060_UK: Log -> 5

WebVPN Logging: OFF

User: "NULL"

Path: "NULL"

1) Set Username

2) Set Path

3) Enable/Disable WebVPN Logging

4) Back

VPN3060_UK: WebVPN Logging -> 1

Enter the name of the user to capture.

>> Username to Log

VPN3060_UK: WebVPN Logging -> vpnuser <---- WEBVPN UserID

WebVPN Logging: OFF

User: "vpnuser"

Path: "NULL"

1) Set Username

2) Set Path

3) Enable/Disable WebVPN Logging

4) Back

VPN3060_UK: WebVPN Logging -> 2

Enter the path to capture.

Format:

/http[s]///

Use "/http" to capture everything.

Use "/http/0/" to capture HTTP traffic to .

Use "/https/0/" to capture HTTPS traffic to .

>> Path Prefix to Log

VPN3060_UK: WebVPN Logging -> /http <---- all http traffic

WebVPN Logging: OFF

User: "vpnuser"

Path: "/http"

1) Set Username

2) Set Path

3) Enable/Disable WebVPN Logging

4) Back

VPN3060_UK: WebVPN Logging -> 3

WARNING:-- Enabling this feature will impact performance.

1) Enable WebVPN Logging

2) Disable WebVPN Logging

VPN3060_UK: WebVPN Logging -> [ 2 ] 1 <---- Enable

WebVPN Logging: ON

User: "vpnuser"

Path: "/http"

############################

Once you have gone through one capture cycle, you will then need to send us the

original.txt and mangled.txt files from the concentrator.

I wouldn't recommend posting them up here on a public forum. I'd suggest at this point you open a TAC case and post them up there along with the screen-shot you provided, they can then investigate what's going on and get it fixed if necessary.