Cisco VPN :: ASA 5510 Clientless SSL VPN Portal With MAC OS Lion 10.7
Feb 12, 2012
I have a Cisco ASA 5510 8.2 (3) with clientless SSL VPN portal enabled with some bookmarks pointing to internal servers. I just installed a new Mac OS Lion Server 10.7 box and have a share on it using both AFP and SMB. My old Mac server is 10.6 with a similar share with both AFP and SMB enabled. When using the Portal browser (or bookmarks pointing to cifs://example/server), I get an error "Error contacting host" to the the 10.7 box, but browsing to the 10.6 box works fine.
I have double checked all settings on the 10.7 and permissions, everything appears correct. I can also browse internally via SMB from Windows XP/Windows 7 using default UNC paths \exampleserver, etc., to the 10.7 box.
From what I have read, the 10.7 has a completely different design to the SMB versus the earlier 10.6. [URL].
View 0 Replies
ADVERTISEMENT
Aug 9, 2010
I am trying to customize a web VPN portal on my 5510 but I get errors whenever I try to add a customization object. Running ADSM 6.1(5)51 on ASA 8.0(5). The error I get when I try to apply a newly created customization object is:
[ERROR] export webvpn customization DfltCustomization disk0:/tmpAsdmImportFile2090698426 export webvpn customization DfltCustomization disk0:/tmpAsdmImportFile2090698426 ^
% Invalid input detected at '^' marker.
[ERROR] import webvpn customization test disk0:/tmpAsdmImportFile2090698426 % copying 'disk0:/tmpAsdmImportFile2090698426' to a temporary ramfs file failed
[ERROR] delete /noconfirm disk0:/tmpAsdmImportFile2090698426 %Error deleting disk0:/tmpAsdmImportFile2090698426 (No such file or directory)
Tried revert webvpn all but I get error on that as well:
Result of the command: "revert webvpn all"
%ERROR: ifs_rm_dir_rec: unknown type of file `disk0:/csco_config/97/customization/86D3828A0A0EB0FFA3B55870AAA43E4F'
View 3 Replies
View Related
Aug 18, 2011
I am configuring Clientless SSL VPN on ASA5505 with 8.2(2)17. After the login, default page should be "Home", but if activating "Anyconnect". it always goes to Anyconnect as a first page. If disabling "Anyconnect" using SSL VPN Customization Editor --> Portal --> Application, it always goes to the other one. Never get "Home" as a first page, can I set the first page manually?
View 3 Replies
View Related
Feb 14, 2013
I would like to ask if the ASA5510 can support TLS 1.1 above?On the ASDM it can only be chosen between SSLv3 or TLSv1.When "Negotiate SSL V3", the Active-X plugin can not be loaded (IE 9 with supported SSL v3). It seems that the plugin only works with TLSv1.Is there some roadmap for the TLS1.1/1.2?
View 1 Replies
View Related
Dec 20, 2011
I need to forward port 55443 to an internal address ( lets call it 15.15.15.15) from two outside ip's ( 5.5.5.5 and 6.6.6.6)These addresses need to see the server IP address (15.15.15.15) only and nothing else. It is an ASA 5510?
View 9 Replies
View Related
Dec 15, 2011
I am setting up a clientless SSL VPN and AnyConnect on a ASA5510 running 8.4. When I login to clientless SSL VPN I get a menu with AnyConnect showing as an option. When I click on that AnyConnect it try to load. Half way loading an error message pop up.Error message:The secure gateway has rejected the connection attempt. A new connection attempt to the same or another secure gateway is needed, which requires re-authentication. The following message was received from the secure gateway: No address available for SVC connection.When I load AnyConnect seperately then it works. I don't have that problem when using 8.2.
View 1 Replies
View Related
Sep 2, 2011
Configured Clientless SSL VPN Access and it works properly for everything except connectivity to an HP iLO. When I go to the http address, I see the redirect page come up but as soon as it goes to the https page, I get the following:Connection failedServer 192.168.10.252 unavailable. It happens on any HP iLO web sites I try to connect to.
View 3 Replies
View Related
Mar 14, 2012
We have a problem with a manager who has upgrades his Mac to the latest Lion OS (64 bit), before uograding he could connect without any problem with his mac to our network and work on the terminal server. Since the upgrade he's not able to get it working in 64 bit (normal) mode.
This our setup
Cisco PIX 515
RSA Cisco Pix security Apliance.
View 1 Replies
View Related
Nov 24, 2011
does lion support hp 6840 can i install on mac i have lion
View 1 Replies
View Related
Nov 20, 2012
I am currently have a Cisco 881 router running EasyVPN server. I recently created come IPSec rules that allow trafiic to specific IP's for a specific security group:
access-list 105 permit ip host 10.1.0.5 any
access-list 105 permit ip host 10.1.0.15 any
access-list 105 permit ip host 10.1.0.16 any
access-list 105 permit ip host 10.1.0.32 any
This works as expected with our Windows users, however our Mac users (using native VPN Client) can only reach the FIRST ip in the string of access statements. When I was torubleshooting this, I moved .32 as the first statement and I could only reach it and none of the others.
View 2 Replies
View Related
Jun 9, 2013
I have issues connecting to the webvpn as its asking for some certificate for authentication, I am using the self generated certificate, but when I try to connect to SSL gateway via its IP address , Browser expect me to provide the certificated, I want to tell the Browser to use the self generated certificate of ASA5505, but not sure how I do it.I undestand when WEBVPN/SSL clientless VPN try to establish the VPN , ASA sends the certificate back to the browser to accept/authenticate it, but when I connect I don't get any certificate where I say YES to accept it.Can I just disable certificate with SSL and just use username/password to crater a WEBVPN ?
View 7 Replies
View Related
Jun 25, 2011
I am configuring it with our ASA 5540 default 2 SSL License. I have got 10 demo license from Cisco, however I am yet to activate it.
I have problems is accessing SSH and Web Services.
1) SSH: When I try to ssh one of my device, it ask me to give me Username and Password. After that it it shows the full black screen and do not ask me to provide Enable password. But Telnet is working fine.
2) WebService: We have one web service (internal). 2 webserver connected to cisco css 11501. the URL is http://10.10.10.10/web. I try to access it from the WebService page with giving 10.10.10.10/web and 10.10.10.10 using http protocol. but it shows that the server is not reachable.
View 2 Replies
View Related
Sep 5, 2012
I have configured a ASA5510 for clientless access by using the ASA http bookmark. The web server require an authentication by sending a web server logon screen. If I enter the user credentials at IE7 or IE9 browser on the the web server logon screen the authentication fails, the web server logon screen appears again and again without any error message. If I use the firefox browser instead of IE browser the web server authentication works without any problems. These problem appears only by using the ASA device, the local lan access with IE7 and IE9 and web server authentication works without any problems. Is that possible to configure the ASA http bookmark with the domain credential?
View 4 Replies
View Related
Dec 3, 2012
I'm using the Cisco AnyConnect VPN Client (2.5.3055) to connect to a server "A". It has worked fine. Then I tried to connect to the server "B" from the free university of Berlin and then this installed (3.0.08057) automatically without asking. Connecting to server "A" does not work any more. The error message is: "The AnyConnect package on the secure gateway could not be located. You may be experiencing network connectivity issues. Please try again." So I tried to de-install the client with the shipped uninstaller and installed the previous 2.5 client again. but the Error message is still the same.so which files should I remove/edit to get it working as before. The network is OK, I tried it on a other computer under Windows Vista and there the freshly installed Client works fine. So I guess ther must be some files or configurations from the newer version in the way.
View 0 Replies
View Related
Dec 11, 2011
I have setup clientless SSL VPN on my ASA. User authentication is done by RADIUS using ACS 5.2, I have created two portal one for IT department and the other for auditing department but the user in auditing if the select IT group from the drop down list they can login to it, my question is how can I make them login to their group only and prevent them from accessing other groups ?
View 3 Replies
View Related
Sep 19, 2011
so i have a printer attatched to my mom's computer and it's set up for sharing. i can get to the printer through my macbook, but it's asking for a username and password to the network (which it didn't ask me to do when setting up the sharing settings on the windows pc) what do i need to do?
View 11 Replies
View Related
Oct 30, 2011
I recently bought a dell v313w and I finally managed to configure the printer with my mac via wifi.
I'm still very disappointed because I just can't figure out how to scan from my v313w to the mac as it doesn't appear in the possible destination hosts.
View 1 Replies
View Related
Aug 28, 2012
I have a Cisco 1800 ISR router running IOS 12.4(22)T5.Clientless SSL VN is configured and working, and has three bookmarks.When logged into Clientless SSL VPN and displaying the portal page in IE-8, the bookmarks are visible and functioning as expected.When logged into Cleintless SSL VPN and displaying the portal page in FireFox-14 or Chrome-21, the bookmarks are not visible.The window for the bookmarks is displayed, but the content (file tree) is not.
View 1 Replies
View Related
May 16, 2012
I know about recomendation to update a system software! Here is my software version and rdp plug-in version: asa843-k8.bin, rdp-plugin.120424.I also tried to use previous version of rdp plug-ins, but connection through RDP still not work normally! 90 percent of the attempts to give a black screen.
View 1 Replies
View Related
Jul 16, 2012
I'm with one problem, my OS Lion don't authentication in the Secure ACS Version: 5.2.0.26.10.For the Mac Lion operating system to work you must put in execeção the MAC Address of your computer. I wonder how it could cause the OS to authenticate the ACS Lion.
View 1 Replies
View Related
Apr 18, 2011
I have asa 5505 configured with smart tunnel for mstsc.exe only. It work fine only if I use IP address of Terminal Server(192.168.1.1 for example) in Terminal Client(mstsc). But it does not not work if I try to use fqdn of Terminal Server (servername.domain.name for example). Is it possible to use mstsc.exe with smart tunnel with FQDN of Terminal Server?
View 1 Replies
View Related
Feb 7, 2011
Is It possible to hairpin clientless SSLVPN connections (ASA5510)? I'd like to create a portal that allows a user to log into the central clientless webpage and access RDP/VNC resources at remote sites connected via site-to-site VPN. Initial testing shows the user can access resources at the hub site, but not the spokes. I have the standard:
same-security-traffic permit inter-interfacesame-security-traffic permit intra-interface
...entered on the ASA.
View 2 Replies
View Related
Jun 20, 2012
I currently have a problem with connecting to some CIFS shares on a EMC NAS. I have created some bookmarks for those shares to be used via the client less SSL VPN portal. I have also setup SSO which works properly for web-bookmarks and RDP stuff but not for the CIFS shares.
When I try to access those shares I'll always get a "authentication failed" error message. Afterwards a new log in-box is displayed. I have been able to log in to those shares by using the user-ID prefixed with the domain name [URL]. Log in fails when using only the user-ID or for example DOMAIN user-ID. I have also tried with a share on a different Server (windows2008 R2) which works without any problems.
View 1 Replies
View Related
Jun 14, 2011
I've setup access via our ASA5510 portal which is working fine but I can't seem to connectto the ASA when there are two active connections. If there is only one, it's fine.
Problem - Unable to Connect More Than Three WEB VPN Users to PIX/ASAProblem :Only three WEB VPN clients can connect to ASA/PIX; the connection for the fourth client fails.
Solution :In most cases, this issue is related to a simultaneous login setting within the group policy.Use this illustration to configure the desired number of simultaneous logins. In this example, the desired value was 20.
ciscoasa(config)# group-policy Bryan attributes
ciscoasa(config-group-policy)# vpn-simultaneous-logins 20Would this be the same thing?
If so how whould I check the existing setting in the GUI?
View 7 Replies
View Related
Mar 19, 2013
I have an ASA5540 running AnyConnect premium (25 users). I know that I need the AnyConnect Mobile license in order to use an AnyConnect client on the IPADs/Iphones. My question is - can I do clientless SSL VPN? Do I need the AnyConnect Mobile license for this?
View 3 Replies
View Related
Oct 16, 2012
Web clients are receiving login failed messages and VPN clients are getting disconnected by host messages. I am able to ping the server from the ASA5510. Users authenticate in AD. I am not sure if the problem is on the server or the ASA.
View 1 Replies
View Related
Dec 5, 2011
802.1x authentication on their Cisco Wifi network using Macbook Pro/Airs running Lion.
We have.. 2x Controllers with WiSMs running 7.0.116.0 A mixture of 1131 and 1142 APs.. ( APs mainly in HREAP mode with some APs located on the same local network as the Controller in Local Mode ) Macbook Airs/ Pro running Lion
[URL]
In summary, we are finding that when our MacBooks are coming out of sleep/standby or roaming between APs, the devices get stuck during the 802.1x authentication process and will either get the self assigned 169 address or continuously try to authenticate.
This can occasionally be solved by turning the wifi interface off and on or manually stopping and starting the 802.1x process on the Mac
From reading various online forums, we have tried the following to resolve this..
- Disabled WPA across our wifi network as we don't use it anymore.. We now just use WPA2 with AES and Dot1x authentication.
- Disabled Client Load Balancing on the SSID configuration… this does not seem to have made things any better or worse although we are seeing more Load Profile threshold notification alerts for some of our APs which are used heavily.
- The 802.1x time out is currently set at 20secs.
- Some APs which are in Local mode ( due to them being on the same local network as our wifi controllers ) have been changed to HREAP mode and assigned a static IP address.. We found that this was required at our spoke sites where we were originally experiencing issues with our old Windows based devices.. Incidentally, we have not experienced any of these delayed authentication issues with our Window laptops, all our problems seem to be with our MacBooks running Lion..
As I mentioned earlier, there seems to be many discussions online regarding problems with the Lion OS and 802.1x authentication..
View 4 Replies
View Related
Jun 26, 2012
Model: ASA 5520
ASA: asa843-k8.bin
We are having an issue with the the ASA RDP2 plugin, it has been working correctly since the installation of the ASA 2 years ago.1 month ago the functionality stopped working in IE activeX. I performed an upgrade of the ASA software in an attempt to fix, unfortunately this has not resolved the issue. Reimporting the plugin has not solved our issue either.
When using the Java client, there is a warning that -"The terminal server disconnected before licence negotiation completed. Possible cause: terminal server could not issue a licence"When a user clicks on a bookmark or types in a server name that is associated to the RDP2 plugin, the page timeouts and goes back to the home screen of the clientless SSL vpn.
View 1 Replies
View Related
Dec 12, 2011
get a status on Mac Lion and/or Windows 7 64-bit SSL VPN support for the RV220W? QuickVPN (for Windows 7 64-bit users) and IPSecuritas (for Mac Lion users) are our current workarounds, but for folks that use/own their own equipment we prefer SSL VPN. This is why we retired our WRVS4400N v2 for the RV220W.
View 3 Replies
View Related
Aug 3, 2011
We have a 5520 ASA running 8.4(2). We are trying to setup Clientless VPN access to our SharePoint 2010 environment. We have most of it working, however there are a few things that do not function right in SharePoint via the VPN but function fine internally. Are there any special things to configure specific to SharePoint? Some of the things that do not work include the SharePoint ribbon, up level function, opening of documents within SharePoint, etc.
View 3 Replies
View Related
Jan 25, 2013
I've been developing Node.js apps on my localhost on port 1337 for last two years with no problem as shown below.
$ node app
App started on port 1337
Today I wanted to test how things go with default port 80, so I did:
$ sudo node app
App started on port 80
But after that my network went crazy. Now I can't access any local address including localhost. When I ping to localhost it points to some weird public IP address (218.38.137.125) instead of 127.0.0.1.
[code]....
View 1 Replies
View Related
Aug 3, 2011
I've just bought an E2000 and I Cisco Connect doesn't run on OSX-Lion, and I was unable to find it on support downloads. But this is only a comment, my concern is that I'm not able to see on main menu how many DHCP clients are connected nor of course to check their traffic. Other routers usually provide at least DHCP clients
View 4 Replies
View Related
Jun 12, 2011
when a user login into the Cisco ASA Firewall (v8.3.2) via WebVPN, and accesses the applications. This works fine. In fact, the user can also create bookmarks etc.The problem here is when this user signs off and another user signs in via WebVPN, on the same PC or even on a different PC, this new user can view the screen viewed by the previous user. Basically, even though certain users can view only certain applications, but in my case, not all the time, but most of the time, users logging into via WebVPN can view someone else's profile application.
I suspect this is due to cookies or cache but I'm not sure myself. What can I do to resolve the problem.Currently, this issue is being resolved via a lousy manner i.e. we go to the SMB location and we clear the .CSP file manually, which is not the correct way to address this issue.
View 1 Replies
View Related
