WEBVPN not connecting consistently.

jeffrey77 · ‎01-03-2014

I have configured a WEBVPN connection on an 881 but it doesn't want to work correctly. When I go to the webpage and launch the installer it attempts to perform an "Update check" and then eventually fails with the message: "

Failed to get configuration from secure gateway. Contact your system administrator"

If I do a manual install it downloads just fine and then connects. But when I close the connection and attempt to reconnect (Directly from the client) it fails to connect and states it was "not able to connect to the

However sometimes when I go to the portal after installing the client and clicking on the "tunnel" button it will connect again fine.

Here are the error messages I get from debug:

*Jan 3 19:30:16.724: WV: sslvpn process rcvd context queue event

*Jan 3 19:30:16.724: WV: Entering APPL with Context: 0x86419560,

Data buffer(buffer: 0x8647EBE0, data: 0xEFF6A18, len: 240,

offset: 0, domain: 0)

*Jan 3 19:30:16.724: WV: Fragmented App data - buffered

*Jan 3 19:30:16.724: WV: server side not ready to send.

Here is the webvpn config:

webvpn gateway SSLVPN

ip address x.x.x.x port 443

http-redirect port 80

ssl encryption rc4-md5

ssl trustpoint rapidSSL-Intermediate

inservice

!

webvpn install svc flash:webvpn/anyconnect-win-3.1.05152-k9.pkg sequence 1

!

webvpn context sslvpn-context

logo none

secondary-color white

title-color #cccc66

text-color black

ssl authenticate verify all

!

login-message "Please enter your login credentials"

!

policy group one

functions svc-enabled

svc address-pool "SSLVPN-POOL"

svc default-domain "pedgresh.local"

svc split include 10.1.1.0 255.255.255.0

svc split include 10.3.1.0 255.255.255.0

svc split include 10.2.1.0 255.255.255.0

svc split include 10.10.10.0 255.255.255.0

svc dns-server primary 10.1.1.10

default-group-policy one

gateway SSLVPN

inservice

!

jeffrey77 · ‎01-03-2014

Looking at a few examples I notice there is a line from the config not in mine that is as follows:

crypto vpn anyconnect flash:/webvpn/anyconnect-win-3.1.04066-k9.pkg sequence 1

But it is not a command I am able to input via cli?

jeffrey77 · ‎01-03-2014

Another update,the machine I have been working with is running windows 8.1

I have attempted to connect via a laptop running 7 and it will connect every time, HOWEVER, only if I initiate the connection from the web portal login, and not if I do it from the client alone.

Any idea?

jeffrey77 · ‎01-03-2014

I cannot get the web portal to work on both Windows 8.1 and 7, using the Anyconnect client version 3.0.

However I still connot connect when using the client directly. I get this message from the client:

"Connection has timed out. Please verify Internet connectivity."

And this from the router debugs:

*Jan 3 22:18:38.731: WV: sslvpn process rcvd context queue event

*Jan 3 22:18:38.751: WV: sslvpn process rcvd context queue event

*Jan 3 22:18:38.751: WV: Entering APPL with Context: 0x864155F0,

Data buffer(buffer: 0x8647EC80, data: 0xE70F0B8, len: 250,

offset: 0, domain: 0)

*Jan 3 22:18:38.751: WV: Fragmented App data - buffered

*Jan 3 22:18:38.751: WV: Entering APPL with Context: 0x864155F0,

Data buffer(buffer: 0x8647E940, data: 0xE70F3F8, len: 258,

offset: 0, domain: 0)

*Jan 3 22:18:38.751: WV: Appl. processing Failed : 2

*Jan 3 22:18:38.751: WV: server side not ready to send.

dinaafifi · ‎01-04-2014

I have found this VPN service https://www.iwasel.com/en/ connected successfully with no delegation in speed. It is a great solution.