Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1630
Views
0
Helpful
3
Replies

How to configure webvpn on the ASA5510

paulnigel
Level 1
Level 1

‎09-07-2006 06:22 PM

Hi Forum,

I am trying to setup the webvpn on my ASA5510 7.0. I can see the welcome screen when i try to connect to the ASA but nothing beyond that. What could have I done wrong, Is there any sample configurations I can follow? How do I configure the port redirection if I want to remotely telnet to the router?

Append is my config:

thanks much,

ip local pool webvpnpool 192.168.70.30-192.168.70.254 mask 255.255.255.0

url-list KSOWebsite "KSO E-solutions" http://172.16.160.29/default.htm

url-list KSOWebsite "Komag Email Access" https://mail.komag.com.my

url-list KSO-Servers "KSVR09" cifs://172.16.160.27

url-list KSO-Servers "KSVR07" cifs://172.16.160.29

aaa-server kso-radius protocol radius

aaa-server kso-radius host 172.16.160.29

webvpn

group-policy KSOwebvpngrp internal

group-policy KSOwebvpngrp attributes

vpn-tunnel-protocol IPSec webvpn

webvpn

functions url-entry file-access file-entry file-browsing mapi port-forward

tunnel-group KSOwebvpntunnelgrp type ipsec-ra

tunnel-group KSOwebvpntunnelgrp general-attributes

address-pool webvpnpool

authentication-server-group kso-radius

accounting-server-group kso-radius

default-group-policy KSOwebvpngrp

webvpn

enable outside

nbns-server 172.16.160.31 master timeout 2 retry 2

nbns-server 172.16.160.33 timeout 2 retry 2

accounting-server-group kso-radius

authentication-server-group kso-radius

imap4s

enable outside

server 172.16.160.33

authentication-server-group kso-radius

accounting-server-group kso-radius

default-group-policy KSOwebvpngrp

authentication aaa

pop3s

enable outside

server 172.16.160.33

authentication-server-group kso-radius

accounting-server-group kso-radius

default-group-policy KSOwebvpngrp

authentication aaa

smtps

enable outside

server 172.16.160.33

authentication-server-group kso-radius

accounting-server-group kso-radius

default-group-policy KSOwebvpngrp

Labels:
0 Helpful
3 Replies 3

Fernando_Meza
Level 7
Level 7

‎09-07-2006 09:35 PM

Hi .. make sure you disable ASDM access to the outside interface of teh ASA ..

The below link provides instruction that you need to follow .

http://www.cisco.com/en/US/partner/products/ps6120/products_configuration_guide_chapter09186a0080334071.html

I hop eit helps .. please rate it if it does !!!

0 Helpful

paulnigel
Level 1
Level 1
In response to Fernando_Meza

‎09-07-2006 11:20 PM

Hi Fernando,

Thanks for your reply. I have already disable the ASDM on the external interface. however, i have no right to access the link, is there any other link that you can provide for me?

thanks,

0 Helpful

ajagadee
Cisco Employee
Cisco Employee
In response to paulnigel

‎09-08-2006 07:10 PM

Paul,

The link posted by Fernando is accessible only if you have cisco partner access.

You should have access to the below link, which is the same as the one posted by Fernando.

http://www.cisco.com/univercd/cc/td/doc/product/multisec/asa_sw/v_70/config/webvpn.htm

Regards,

Arul

0 Helpful
Customers Also Viewed These Support Documents