Hey guys, I'm having a frustrating time trying to make something that I was previously comfortable with work. I've got IOS AnyConnect set up on my router, and I can't establish a connection at all - as in I'm never presented with the login screen. I've looked at the solution configuration and pretty much have it set up as recommended but it still fails. If anything, all I ever get is the login screen for the HTTP server on the local router.
I can't tell what I'm doing wrong, and I really need a fresh mind to help me out. Here's my configuration:

username sslvpnuser1 privilege 15 secret cisco
username sslvpnuser2@SSLVPN privilege 15 secret cisco
aaa new-model
aaa authentication login SSLVPN local
aaa authorization network SSLVPN local
ip http server
ip http secure-server
ip local pool SSLVPN 10.200.200.1 10.200.200.10
webvpn install svc flash:/webvpn/svc_1.pkg sequence 1
webvpn gateway SSLVPN-GATEWAY
 ip interface Loopback0 port 443
 ssl trustpoint TP-self-signed-4045900963 <- auto created once I bring the gateway "inservice"
 logging enable
 inservice
webvpn context SSLVPN-CONTEXT
 title "CCIE Security Lab Router R1 IOS WEBVPN"
 ssl authenticate verify all
 !
 !
 policy group POLICY1
   functions svc-enabled
   svc address-pool "SSLVPN"
   svc split include 10.10.10.0 255.255.255.0
 default-group-policy POLICY1
 aaa authentication list SSLVPN
 aaa authentication domain @SSLVPN
 aaa authorization list SSLVPN
 gateway SSLVPN-GATEWAY domain SSLVPN
 logging enable
 inservice

Here is the error message that keeps popping up in the log when I try to establish a connection:

Sep 14 2011 09:41:44.900 PDT: %SSLVPN-5-SSL_TLS_ERROR: vw_ctx: UNKNOWN vw_gw: SSLVPN-GATEWAY i_vrf: 0 f_vrf: 0 status: SSL/TLS connection error with remote at 10.49.49.100:4450
Sep 14 2011 09:44:21.416 PDT: %SSLVPN-5-SSL_TLS_CONNECT_OK: vw_ctx: UNKNOWN vw_gw: SSLVPN-GATEWAY i_vrf: 0 f_vrf: 0 status: SSL/TLS connection successful with remote at 10.49.49.100:4517

Initially I thought it was because I was using a sub-interface for the gateway, so I changed it to the loopback but still get the same result. Also thought it was because I had a firewall in between the client and the gateway, but I placed my client inside the firewall and the result was the same thing.

HELP

Mark
