09-06-2012 06:18 AM
good evening, i now learning about SSLVPN, and i already install license in 1941 with SSL and security9 License, i learning how to make a gateway for SSLVPN full tunnel, but i meet an obstacles, when i go to my wan ip address https://wan ip address, the browser give this
Unable to make a secure connection to the server. This may be a problem with the server, or it may be requiring a client authentication certificate that you don't have.
Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error.
my gateway is
webvpn gateway gateway_1
ip address wan ip port 443
http-redirect port 80
ssl encryption rc4-md5
ssl trustpoint SSLCS
logging enable
inservice
and the context is
webvpn install svc flash0:/webvpn/anyconnect-win-3.0.5080-k9.pkg sequence 1
!
webvpn context context_1
secondary-color white
title-color #669999
text-color black
ssl authenticate verify all
!
!
policy group policy_1
functions svc-enabled
banner "Welcome To xxx"
svc address-pool "SSLVPN" netmask 255.255.255.0
svc keep-client-installed
default-group-policy policy_1
aaa authentication list ciscocp_vpn_xauth_ml_1
gateway gateway_1
max-users 25
logging enable
inservice
and my
sh cryp pki trust
Trustpoint SSLCS:
Subject Name:
cn=SSLCS
Serial Number (hex): 01
Persistent self-signed certificate trust point
sh cryp key mypubkey rsa
Key name: SSLCS
Key type: RSA KEYS
Storage Device: not specified
Usage: General Purpose Key
Key is not exportable.
Key Data:
30819F30 0D06092A 864886F7 0D010101 05000381 8D003081 89028181 00B9D4D1
498E3706 95AE17BE 7FC1EAE3 E1F814BB D3492052 C34E9DC9 78D68969 1F12AE13
A2D1F0C2 FBE49C8D C72EC74F 59C46F4A 116D7128 D24FFB7A AF6677C8 9763DE91
74591031 65646D0E 163F20D2 7C08D5DE 3743B9D6 8CE8B7BD 61E97730 2449DD18
7465E0D1 6D223E7F E4361967 98DA1093 247395DF 18853E62 E8416B50 E1020301 0001
and by cryp pki server
Certificate Server SSLCS:
Status: enabled
State: enabled
Server's configuration is locked (enter "shut" to unlock it)
Issuer name: CN=SSLCS
CA cert fingerprint: D621B1BB 3DD8D9CD EB2B34EC D11AB0E2
Granting mode is: manual
Last certificate issued serial number (hex): 1
CA certificate expiration timer: 18:14:47 GMT Sep 4 2022
CRL NextUpdate timer: 06:14:49 GMT Sep 7 2012
Current primary storage dir: flash:/SSLCS
Database Level: Complete - all issued certs written as <serialnum>.cer
i want to ask, what happen to the gateway?? and how to solve it
thanks
09-06-2012 09:23 AM
Good Night, i already solved the problem,
and now i can go into webvpn, but when i start anyconnect it hang when status for anyconnect is performing update checks
The AnyConnect Downloader is performing update checks...
and when i used anyconnect secure mobility is always Checking for product updates..
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide