11-17-2010 07:26 PM
Hi All,
Following is the configuration done for SSL vpn on our ASA 5510. . though we did the configuration refering the site we are unable to get the login prompt. could you please check and suggest to make SSL vpn working
Configuration
===========
webvpn
enable outside
revert webvpn url-list Test
import webvpn url-list SSL_Bookmarks disk0:/tmpAsdmImportFile1646955469
delete /noconfirm disk0:/tmpAsdmImportFile1646955469
group-policy SSL_users internal
group-policy SSL_users attributes
vpn-tunnel-protocol webvpn
webvpn
url-list value SSL_Bookmarks
tunnel-group SSL_VPN type remote-access
tunnel-group SSL_VPN general-attributes
default-group-policy SSL_users
authentication-server-group RADIUS
group-policy SSL_users attributes
vpn-tunnel-protocol svc webvpn
tunnel-group SSL_VPN webvpn-attributes
group-alias AnyConnect enable
webvpn
tunnel-group-list enable
============================
Version
======
ASA-5510-1# sh ver
Cisco Adaptive Security Appliance Software Version 8.2(1)
Device Manager Version 6.2(1)
Compiled on Tue 05-May-09 22:45 by builders
System image file is "disk0:/asa821-k8.bin"
Config file at boot was "startup-config"
ASA-5510-1 up 57 days 9 hours
Hardware: ASA5510, 256 MB RAM, CPU Pentium 4 Celeron 1600 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash Firmware Hub @ 0xffe00000, 1024KB
Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
Boot microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.04
0: Ext: Ethernet0/0 : address is 0027.0d38.034e, irq 9
1: Ext: Ethernet0/1 : address is 0027.0d38.034f, irq 9
2: Ext: Ethernet0/2 : address is 0027.0d38.0350, irq 9
3: Ext: Ethernet0/3 : address is 0027.0d38.0351, irq 9
4: Ext: Management0/0 : address is 0027.0d38.0352, irq 11
5: Int: Internal-Data0/0 : address is 0000.0001.0002, irq 11
6: Int: Internal-Control0/0 : address is 0000.0001.0001, irq 5
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 100
Inside Hosts : Unlimited
Failover : Active/Active
VPN-DES : Enabled
VPN-3DES-AES : Disabled
Security Contexts : 2
GTP/GPRS : Disabled
SSL VPN Peers : 2
Total VPN Peers : 250
Shared License : Disabled
AnyConnect for Mobile : Disabled
AnyConnect for Linksys phone : Disabled
AnyConnect Essentials : Disabled
Advanced Endpoint Assessment : Disabled
UC Phone Proxy Sessions : 2
Total UC Proxy Sessions : 2
Botnet Traffic Filter : Disabled
This platform has an ASA 5510 Security Plus license.
Serial Number: JMX1350L04D
Running Activation Key: 0xef04c544 0xf4999c16 0xf4c19950 0x85684c50 0x442c3292
Configuration register is 0x1
Configuration last modified by enable_15 at 06:55:11.349 UAE Thu Nov 18 2010
ASA-5510-1#
===================
Thanks in adavnce
Solved! Go to Solution.
11-18-2010 03:57 PM
Thanks a lot for the information regarding license. i have now registered for ASA 3DES/AES License . i will be getting the same in another 1 hour time. will upgrade and let you know the status. i hope the configuration done for SSL vpn is ok . please check.
meanwhile i would like to know whether i get free license for SSL VPN peer. currently we have only 2 peer. how can i increase the SSL peer ?
11-18-2010 04:01 PM
No, with additional SSL VPN license, you would need to purchase those license.
11-22-2010 08:45 PM
Dear Jenni,
Thanks .
Finally my SSL vpn is working now. i had to active 3des/AES license. my browser was not working with DES license.
We are planning to get SSL peer license. once we get the license how do we activate the same.
Thanks
11-22-2010 08:49 PM
Excellent, and thanks for the update and rating.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide