Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1097
Views
0
Helpful
6
Replies

Cisco AnyConnect web login page: error

ales.krek@snt.si
Level 1
Level 1

‎10-04-2024 02:13 AM

Hi.

I have a problem connecting to web login page. When I connect to https://163.159.19.11/CACHE/sdesktop/install/start.htm

Everything is working OK

aleskreksntsi_0-1728033035613.png

When I click on Log In I get error: 

aleskreksntsi_1-1728033096213.png

I checked configuration and it looks fine.

show version:

Cisco Adaptive Security Appliance Software Version 9.20(3)
SSP Operating System Version 2.14(2.106)
Device Manager Version 7.20(2)

Compiled on Wed 31-Jul-24 00:50 GMT by builders
System image file is "disk0:/mnt/boot/installables/switch/fxos-k8-fp2k-npu.2.14.2.106.SPA"
Config file at boot was "startup-config"

zel-asa-vpn-fw-1 up 13 days 20 hours
Start-up time 2 mins 35 secs

Hardware: FPR-2120, 6572 MB RAM, CPU MIPS 1200 MHz, 1 CPU (8 cores)


1: Int: Internal-Data0/1 : address is 000f.b748.4801, irq 0
3: Ext: Management1/1 : address is 4874.10b6.3b81, irq 0
4: Int: Internal-Data1/1 : address is 0000.0100.0001, irq 0

License mode: Smart Licensing

Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 1024
Inside Hosts : Unlimited
Failover : Active/Active
Encryption-DES : Enabled
Encryption-3DES-AES : Enabled
Security Contexts : 2
Carrier : Disabled
AnyConnect Premium Peers : 3500
AnyConnect Essentials : Disabled
Other VPN Peers : 3500
Total VPN Peers : 3500
AnyConnect for Mobile : Enabled
AnyConnect for Cisco VPN Phone : Enabled
Advanced Endpoint Assessment : Enabled
Shared License : Disabled
Total TLS Proxy Sessions : 8000
Cluster : Disabled

Serial Number: FJZ2833W7M7
Configuration last modified by enable_15 at 08:57:24.620 UTC Fri Oct 4 2024

 

show run web:

webvpn
enable outside tls-only
http-headers
hsts-server
enable
max-age 31536000
include-sub-domains
no preload
hsts-client
no enable
x-content-type-options
x-xss-protection
content-security-policy
hostscan image disk0:/hostscan_4.10.08029-k9.pkg
hostscan enable
anyconnect image disk0:/anyconnect-macos-4.10.08029-webdeploy-k9.pkg 1
anyconnect image disk0:/anyconnect-linux64-4.10.08029-webdeploy-k9.pkg 2
anyconnect image disk0:/anyconnect-win-4.10.08029-webdeploy-k9.pkg 3
anyconnect profiles zNET_AC_Profile_client_profile disk0:/znet_ac_profile_client_profile.xml
anyconnect profiles zNET_NIJZ disk0:/znet_nijz.xml
anyconnect profiles zNET_VPN_MGMT disk0:/znet_vpn_mgmt.xml
anyconnect profiles zNET_dostop_do_LAN disk0:/znet_dostop_do_lan.xml
anyconnect profiles zNET_zasebnik disk0:/znet_zasebnik.xml
anyconnect enable
tunnel-group-list enable

Thank you for your help in advance.

 

Regards, Aleš Krek.

Labels:
0 Helpful
6 Replies 6

balaji.bandi
Hall of Fame
Hall of Fame

‎10-04-2024 04:42 AM

You gettting 404 error, can you run the debug on the ASA and check what causing the issue. (debug webvpn)

https://www.cisco.com/c/en/us/td/docs/security/asa/asa98/configuration/vpn/asa-98-vpn-config/webvpn-configure-gateway.html

https://www.cisco.com/c/en/us/support/docs/security-vpn/webvpn-ssl-vpn/119417-config-asa-00.html

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

ales.krek@snt.si
Level 1
Level 1
In response to balaji.bandi

‎10-09-2024 01:17 AM

Thank you for reply. I run the debug command but there's no output regarding web page error.

The configuration seams fine. I imported (copy paste, section by section) configuration from previous device. Only change is in ASA version. Previous was 9.12.XY and now is 9.20(3).

 

Regards, Aleš Krek.

0 Helpful

ales.krek@snt.si
Level 1
Level 1

‎10-15-2024 12:35 PM

I did the work around. For every client VPN group I enabled url and disabled default landing page. Now it works. 

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to ales.krek@snt.si

‎10-16-2024 09:18 AM

glad you know you able to make some fix.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

mumohama
Cisco Employee
Cisco Employee
In response to ales.krek@snt.si

‎08-26-2025 05:13 PM

Hi Ales,

Could you help to share how you enable URL in VPN group and disable default landing page. 

 

thank you

0 Helpful

siskum
Spotlight
Spotlight

‎09-01-2025 05:48 PM

ales.krek@snt.si 

Hi,

 

In your configuration I have seen:

webvpn
enable outside tls-only
http-headers

If you disable http-headers it shoud be work fine. try out following code in CLI command :

hostnamexx#config t

hostnamexx(config)#webvpn

hostnamexx(config-webvpn)#no http-headers

Give me a feedback and thumbs up of your successfull attempt.

/Siskum

 

Sisira
0 Helpful
Customers Also Viewed These Support Documents