07-15-2014 04:56 AM - edited 03-07-2019 08:03 PM
Hello
I have been veryfing for AnyConnect VPN client with Cisco 2911 IOS Router which
configred in SSL-VPN. I have already installed the following AnyConnect VPN client in Test PC.
-------------------------------------------------------------------------
anyconnect-win-3.1.05170-pre-deploy-k9.msi
-------------------------------------------------------------------------
And I have also configured SSL-VPN in Cisco 2911 Router and installed pkg file below.
-------------------------------------------------------------------------
anyconnect-win-3.1.05170-k9.pkg
-------------------------------------------------------------------------
However if I checked with Firefox SSL3.0 support browser then it shows the Server html file
but if I check with AnyConnect VPN client application tool then it can not be successful.
I appreciate if there is any related information, here is the topology, configuration and
verification result.
[Toplogy]
-----------------------------------------------------------------------------------------------------------------
PC with AnyConnect VPN Client ----- Gi0/1 Cisco 2911 Gi0/0 ----------- Server
.1 10.0.20.0/24 192.168.1.0/24 .1
IOS Ver : 15.3(3)M with SEC license
-----------------------------------------------------------------------------------------------------------------
[Config summary]
aaa new-model
aaa authentication login default local
username TEST password 0 sslvpn
!
interface GigabitEthernet0/1
description ##### SSL connection #####
ip address 10.0.20.254 255.255.255.0
!
interface GigabitEthernet0/0
description ##### Server connection #####
ip address 192.168.1.254 255.255.255.0
!
webvpn gateway SSL-VPN
ip address 10.0.20.254 port 443
ssl trustpoint TP-self-signed-2787629943
inservice
!
webvpn context SSL-VPN
gateway SSL-VPN
!
ssl authenticate verify all
!
url-list "InternalWebserver"
url-text "Web" url-value "192.168.1.1"
inservice
!
policy group default
url-list "InternalWebserver"
default-group-policy default
-----------------------------------------------------------------------------------------------------------------
[package installation]
C2911#sh flash
-#- --length-- -----date/time------ path
1 95701228 Jul 15 2014 11:38:42 +00:00 c2900-universalk9-mz.SPA.153-3.M.bin
2 35380792 Jul 15 2014 11:40:16 +00:00 anyconnect-win-3.1.05170-k9.pkg
2911#conf t
C2911(config)#webvpn install svc flash:anyconnect-win-3.1.05170-k9.pkg
SSLVPN Package SSL-VPN-Client (seq:1): installed successfully
C2911(config)#
C2911#sh run | be crypto vpn
crypto vpn anyconnect flash0:/webvpn/anyconnect-win-3.1.05170-k9.pkg sequence 1
C2911#sh flash:
-#- --length-- -----date/time------ path
1 95701228 Jul 15 2014 11:38:42 +00:00 c2900-universalk9-mz.SPA.153-3.M.bin
2 35380792 Jul 15 2014 11:40:16 +00:00 anyconnect-win-3.1.05170-k9.pkg
3 0 Jul 15 2014 11:53:54 +00:00 webvpn
4 35380792 Jul 15 2014 11:54:24 +00:00 webvpn/anyconnect-win-3.1.05170-k9.pkg
-----------------------------------------------------------------------------------------------------------------
[Connect from AnyConnect PC to https://10.0.20.254 using Firefox SSL3.0 Browser]
The result : Connection is OK and can see the server html file.
-----------------------------------------------------------------------------------------------------------------
[Connect from AnyConnect PC to https://10.0.20.254 using AnyConnect Secure Mobility Client]
The result : Connection is not OK, please see the attached file.
The message : The AnyConnect package on the secure gateway could not be located. You may be experencing network connectivity issues. Please try connecting again.
Any information is very appreciated. Thank you very much.
Best Regards,
Masanobu Hiyoshi
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide