cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2431
Views
0
Helpful
8
Replies

Fileserver Not accessible over AnyConnect SSL VPN

Suresh Varghese
Level 1
Level 1

I have a fileserver sitiing at my HQ office and my roaming users use Cisco AnyConnect Client to connect to my network from outside.

The fileserver was accessible till last evening and all of a sudden from today it just stopped responding.

The first time u double click on the mapped network drive of the fileserver it thros the error as below

"An error occured while reconnecting X: to \\server name\share name

Microsoft Windows Network : The Local devvice name is already in use.

This connection has not been restored"

The second time when u double click the mapped drive on the local system, from where the SSL VPN is being connected, sometimes it takes 5-6 minutes and then the drive opens, but that is ver rare.

I have another SSL VPN configured on a seperate set of firewalls (totally independent SSL VPN setup) and i am facing the same issue through that also. I get teh same error.

Can somebody throw a light into this as i believe it has nothing to do with the SSL VPN configration. It was working normally from the time the SSL VPN was implemented.

Many thanks in advance.

SureshV

                   

8 Replies 8

Jennifer Halim
Cisco Employee
Cisco Employee

It does sound like fileserver issue than an SSL VPN issue.

Do you happen to know if there has been any changes done on the file server? any update perhaps?

Thanks for the response Jennifer.

No there has been no changes done on the fileserver any time in the near past.

There is one more update, if you double click the mapped drive first time it throws the error and when u double click it the second time, it starts to show as "not responding" and then after 6-7 minutes it just opens.

i got this on my ASA debug screen and when this popped up fileserver fot connected. Can you let me know if this has anything to do with the accessibility performance.

webvpn_rx_data_tunnel_connect

CSTP state = HEADER_PROCESSING

http_parse_cstp_method()

...input: 'CONNECT /CSCOSSLC/tunnel HTTP/1.1'

webvpn_cstp_parse_request_field()

...input: 'Host: XXXX.XXXXXX.XX'

Processing CSTP header line: 'Host: XXXX.XXXXXX.XX'

webvpn_cstp_parse_request_field()

...input: 'User-Agent: Cisco AnyConnect VPN Agent for Windows 2.5.0217'

Processing CSTP header line: 'User-Agent: Cisco AnyConnect VPN Agent for Windows 2.5.0217'

Setting user-agent to: 'Cisco AnyConnect VPN Agent for Windows 2.5.0217'

webvpn_cstp_parse_request_field()

...input: 'Cookie:

webvpn=505307734@10297344@1338382523@4223C00ED0B90E42378741F067368A62E687E643'

Processing CSTP header line: 'Cookie:

webvpn=505307734@10297344@1338382523@4223C00ED0B90E42378741F067368A62E687E643'

Found WebVPN cookie:

'webvpn=505307734@10297344@1338382523@4223C00ED0B90E42378741F067368A62E687E643'

WebVPN Cookie:

'webvpn=505307734@10297344@1338382523@4223C00ED0B90E42378741F067368A62E687E643'

webvpn_cstp_parse_request_field()

...input: 'X-CSTP-Version: 1'

Processing CSTP header line: 'X-CSTP-Version: 1'

Setting version to '1'

webvpn_cstp_parse_request_field()

...input: 'X-CSTP-Hostname: David_LT'

Processing CSTP header line: 'X-CSTP-Hostname: David_LT'

Setting hostname to: David_LT'

webvpn_cstp_parse_request_field()

...input: 'X-CSTP-Accept-Encoding: deflate;q=1.0'

Processing CSTP header line: 'X-CSTP-Accept-Encoding: deflate;q=1.0'

webvpn_cstp_parse_request_field()

...input: 'X-CSTP-MTU: 1406'

Processing CSTP header line: 'X-CSTP-MTU: 1406'

webvpn_cstp_parse_request_field()

...input: 'X-CSTP-Address-Type: IPv4'

Processing CSTP header line: 'X-CSTP-Address-Type: IPv4'

webvpn_cstp_parse_request_field()

...input: 'X-CSTP-Protocol: Copyright (c) 2004 Cisco Systems, Inc.'

Processing CSTP header line: 'X-CSTP-Protocol: Copyright (c) 2004 Cisco Systems, Inc.'

SVC: NP setup

np_svc_create_session(0x9D2000, 0x70297F20, TRUE)

webvpn_svc_np_setup

SVC ACL Name: DAP-ip-user-906E4E06

SVC ACL ID: 26

SVC ACL ID: 26

No SVC ACL

SVC IPv6 ACL Name: NULL

SVC IPv6 ACL ID: -1

SVC: adding to sessmgmt

SVC: Sending response

Unable to initiate NAC, NAC might not be enabled or invalid policy

CSTP state = CONNECTED

webvpn_rx_data_tunnel_connect

CSTP state = HEADER_PROCESSING

http_parse_cstp_method()

...input: 'CONNECT /CSCOSSLC/tunnel HTTP/1.1'

webvpn_cstp_parse_request_field()

...input: 'Host: XXXX.XXXXXX.XX''

Processing CSTP header line: 'Host: xxxxxx.xxxxxxxxxx.xxxx'

webvpn_cstp_parse_request_field()

...input: 'User-Agent: Cisco AnyConnect VPN Agent for Windows 2.5.0217'

Processing CSTP header line: 'User-Agent: Cisco AnyConnect VPN Agent for Windows 2.5.0217'

Setting user-agent to: 'Cisco AnyConnect VPN Agent for Windows 2.5.0217'

webvpn_cstp_parse_request_field()

...input: 'Cookie: webvpn=505307734@10297344@1338382523@4223C00ED0B90E42378741F067368A62E687E643'

Processing CSTP header line: 'Cookie:

webvpn=505307734@10297344@1338382523@4223C00ED0B90E42378741F067368A62E687E643'

Found WebVPN cookie: 'webvpn=505307734@10297344@1338382523@4223C00ED0B90E42378741F067368A62E687E643'

WebVPN Cookie:

'webvpn=505307734@10297344@1338382523@4223C00ED0B90E42378741F067368A62E687E643'

webvpn_cstp_parse_request_field()

...input: 'X-CSTP-Version: 1'

Processing CSTP header line: 'X-CSTP-Version: 1'

Setting version to '1'

webvpn_cstp_parse_request_field()

...input: 'X-CSTP-Hostname: David_LT'

Processing CSTP header line: 'X-CSTP-Hostname: David_LT'

Setting hostname to: 'David_LT'

webvpn_cstp_parse_request_field()

...input: 'X-CSTP-Accept-Encoding: deflate;q=1.0'

Processing CSTP header line: 'X-CSTP-Accept-Encoding: deflate;q=1.0'

webvpn_cstp_parse_request_field()

...input: 'X-CSTP-MTU: 1406'

Processing CSTP header line: 'X-CSTP-MTU: 1406'

webvpn_cstp_parse_request_field()

...input: 'X-CSTP-Address-Type: IPv4'

Processing CSTP header line: 'X-CSTP-Address-Type: IPv4'

webvpn_cstp_parse_request_field()

...input: 'X-CSTP-Protocol: Copyright (c) 2004 Cisco Systems, Inc.'

Processing CSTP header line: 'X-CSTP-Protocol: Copyright (c) 2004 Cisco Systems, Inc.'

SVC: NP setup

np_svc_create_session(0x9D2000, 0x70297F20, TRUE)

webvpn_svc_np_setup

SVC ACL Name: DAP-ip-user-906E4E06

SVC ACL ID: 26

SVC ACL ID: 26

No SVC ACL

SVC IPv6 ACL Name: NULL

SVC IPv6 ACL ID: -1

SVC: adding to sessmgmt

SVC: Sending response

Unable to initiate NAC, NAC might not be enabled or invalid policy

CSTP state = CONNECTED

If you try to connect directly to the server using the server name instead of using mapped drive, does that work?

nope, even if i use the \\hostname or \\ipaddress when connected through vpn it says network path not found

It might be conincidence but after 6-7 minutes when it opens the above debug message appears on the ASA, exactly the same time, like i said it might be coincidence.

Once the drive is accessible, it starts working normally

sorry but just after i send u this, i tried again and this time it opened with bith \\hostname & \\ipaddress

but it took the exact same time

If you try to ping the server, what is the response time?

I get an average of 35-50ms and when i do a trace route it takes the correct 4 hops to reach the host

The first 3 hops shows request timed out but the 4th hop reaches the host @ 68-71 ms