08-26-2019 06:07 AM
Hi,
I've just installed AnyConnect VPN on a Cisco IOS 3925 router. It's working, but the customer forces me to disable the web page. They should only be able to connect with their VPN with the AnyConnect client and the portal should not be there.
I've tried everything, but I have no idea how to disable the VPN Portal web page. I've tried to locate webvpn.html and remove it for example, but I have no idea.
Hopefully it's possible :-)
Thanks for all
08-26-2019 10:40 AM
Hi,
No, I don't believe there is a command to disable the web portal only.
Are you using RADIUS to authenticate the users? The attributes sent in the authentication access-accept packet could potentially be used to distinguish between connections using the anyconnect client or the webportal. You could then use those values to deny authentications from the web portal. I've done this on ASA, never tried on IOS router but it might be a possiblity.
Other than that, you could use an IKEv2/IPSec VPN (FlexVPN) instead of SSL-VPN, this does not have a Web Portal.
HTH
08-27-2019 12:08 AM
Thanks for your reply.
Unfortunately, we have used IPSEC before, but we were told to move to SSL. After moving to SSL, we were forced to stop used port 80 for the portal (Forward to 443). After removing this, we were forced to get rid of the web portal. Unfortunately, I can't get remove it.
I might try your solution, but I'm sure they will not accept it...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide