cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

1805
Views
5
Helpful
3
Replies
Highlighted

clientless ssl vpn homepage after login problem

Hi all,

I have a problem with my clientless vpn portal.

I need to configure that when a user logs in through the portal, something that works just fine, that he ends up on the homepage.

Right now he ends up immediatly on the anyconnect button.

With the homepage I do mean the first button that says "Home".

Users must be able to click on the "Web Applications", below "Home".

Below "Web Applications" users must have their "Anyconnect" button aswell.

First of all I wasn't able to make the portal display the "Anyconnect" button in the menu.

Then after a while, I figured out that when de Dynamic Access Policy said "Unchanged" on the "Access Method" page.

When changing that parameter to "Anyconnect client" the portal is no portal anymore, I immediatly end up on the anyconnect client start.

When selecting "Web-Portal" I get the portal page, but the anyconnect menu is missing.

When selecting "Both-Default-Web-Portal" I get the anyconnect button, and all other menus, which is good.

But, I want the home button to be the default.

And not the anyconnect button, after logging in you immediatly get the start anyconnect page.

And then last but not least, when selecting "Both-Default-Anyconnect" you login to the webportal, anyconnect starts immediatly from the menu.

Something we want the end user to do manually (Click "Start Anyconnect") I mean!

I'm pretty sure the DAP is forcing that because of the options above.

But when selecting unchanged or anything that doesn't include Anyconnect, then the anyconnect button is gone...

I don't know what I can do to change that.

Am I missing something??

I would say DAP isn't needed, but when I set everything to default in the default DAP, then the anyconnect button is gone in the menu...

Kind regards,

Robin

Here's my configuration:

group-policy GP_company_intranet_portal attributes

wins-server value x.x.x.x

dns-server value x.x.x.x

vpn-tunnel-protocol ssl-client ssl-clientless

split-tunnel-policy tunnelall

default-domain value company.local

address-pools value IPP_SSLVPN01

webvpn

  url-list value BML_company_intranet_portal

  http-proxy disable

  anyconnect keep-installer installed

  anyconnect ask enable default webvpn

  customization value CO_company_intranet_portal

  http-comp gzip

  hidden-shares none

  activex-relay enable

  file-entry disable

  file-browsing disable

  url-entry disable

  smart-tunnel auto-signon disable

tunnel-group TG_company_portal_localauth type remote-access

tunnel-group TG_company_portal_localauth webvpn-attributes

customization CO_company_intranet_portal

group-url https://portal.company.be enable

username testaccount password xxxxxxxxxx encrypted privilege 0

username testaccount attributes

vpn-group-policy GP_company_intranet_portal

vpn-tunnel-protocol ssl-client ssl-clientless

password-storage disable

group-lock value TG_company_portal_localauth

service-type remote-access

Troubleshooting when logged in, just to verify if the right group-policy is being used:

FW-company# show vpn-sessiondb webvpn

Session Type: WebVPN

Username     : testaccount              Index        : 510

Public IP    : x.x.x.x

Protocol     : Clientless

License      : AnyConnect Premium

Encryption   : 3DES                   Hashing      : SHA1

Bytes Tx     : 114897                 Bytes Rx     : 16087

Group Policy : GP_company_intranet_portal

Tunnel Group : TG_company_portal_localauth

Login Time   : 14:50:56 GMT+2 Thu Oct 25 2012

Duration     : 0h:00m:03s

Inactivity   : 0h:00m:00s

NAC Result   : Unknown

VLAN Mapping : N/A                    VLAN         : none

1 ACCEPTED SOLUTION

Accepted Solutions

clientless ssl vpn homepage after login problem

Hi Robin,

You could try:

1- Please remove / disable the DAP rules and only keep the default one with default action and settings (continue). This in order to exclude DAPs as the root cause.

2- group-policy GP_company_intranet_portal attributes

     webvpn

          anyconnect ask none default webvpn

Let me know how it goes.

HTH.

Portu.

Please rate any helpful posts

3 REPLIES 3

clientless ssl vpn homepage after login problem

Hi Robin,

You could try:

1- Please remove / disable the DAP rules and only keep the default one with default action and settings (continue). This in order to exclude DAPs as the root cause.

2- group-policy GP_company_intranet_portal attributes

     webvpn

          anyconnect ask none default webvpn

Let me know how it goes.

HTH.

Portu.

Please rate any helpful posts

clientless ssl vpn homepage after login problem

Hi jportugu,

I can't believe it, i serieously though I already did that... And that removed my anyconnect button from the menu.

Which is why I started playing with the DAP function in the first place.

I tried your suggestion and that now works..

Thanks!

The only new problem now is that my bookmarks aren't showing up anymore now.

But that must be a different problem I guess.

Might be DAP related again?

Result: I activated under the default DAP: "Bookmarks" ==> "Enable bookmarks"

Now everything works as it is supposed to...

Really strange though... I thought I did that already...

Thanks jportugu!!

Kind regards,

Robin

clientless ssl vpn homepage after login problem

Robin,

Great news

Thanks for counting on this great Support Community!