527 Views 0 Replies Latest reply: Mar 5, 2013 9:48 PM by Shyamraj

SSL VPN connects but doesn't show the login screen

Mar 5, 2013 9:48 PM

Shyamraj 28 posts since
Aug 4, 2010

Hi All,

I tried setting up SSL VPN and here's the topology:

topology.png

I set up the SSL VPN on the router and tried accessing it from the browser. It gives me the certificate error, which I accepted, but doesn't show me the username and password login screen.

However, on the router I do get this message: "Mar  6 11:11:34.443: %SSLVPN-5-SSL_TLS_CONNECT_OK: vw_ctx: UNKNOWN vw_gw: MY-GATEWAY i_vrf: 0 f_vrf: 0 status: SSL/TLS connection successful with remote at 192.168.1.10:62659"

Here's the running config of R6:

R6#show run
Building configuration...

Current configuration : 3204 bytes
!
! Last configuration change at 11:13:07 UTC Wed Mar 6 2013
! NVRAM config last updated at 11:06:41 UTC Wed Mar 6 2013
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R6
!
boot-start-marker
boot-end-marker
!
aaa new-model
!
aaa authentication login AUTH local
!
aaa session-id common
memory-size iomem 5
ip cef
!
no ip domain lookup
ip domain name cisco.com
ip host R6.cisco.com 192.168.1.2
!
multilink bundle-name authenticated
!
crypto pki trustpoint TP-self-signed-4279256517
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-4279256517
 revocation-check none
 rsakeypair TP-self-signed-4279256517
!
!
crypto pki certificate chain TP-self-signed-4279256517
 certificate self-signed 02

  30820244 308201AD A0030201 02020102 300D0609 2A864886 F70D0101 04050030

  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274

  69666963 6174652D 34323739 32353635 3137301E 170D3133 30333036 31313036

  34315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649

  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D34 32373932

  35363531 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281

  8100CF01 E9F5B241 9DB955CB 78678629 C66DAD79 AB269C37 272BD5B6 5643009E

  7441AE47 4428263A F24FBB28 14DD06DA ECB53644 233CE81C 988BDD6D 3180350E

  4C404489 C0F6641F E82BC289 B4F8B631 F157EBDC 00A7B2E9 51C3545D 087A208E

  9DFC845F 0E0618A3 6E14DADB 5B2C1A25 0330FC0E DCB8EA0B E99817D2 9ACA156B

  4BB90203 010001A3 6C306A30 0F060355 1D130101 FF040530 030101FF 30170603

  551D1104 10300E82 0C52362E 63697363 6F2E636F 6D301F06 03551D23 04183016

  8014FADB 7AA7E6E7 C43BD923 93E83061 7A4611C0 E59E301D 0603551D 0E041604

  14FADB7A A7E6E7C4 3BD92393 E830617A 4611C0E5 9E300D06 092A8648 86F70D01

  01040500 03818100 95023B76 9CB1EE29 A3F831B1 24799731 DC3EE534 75C30E20

  76396C48 F1444927 007ABB64 AA07BEFA D591C104 AFD95A99 23F4F386 7869842B

  7EEB8BFC C255D31A 3889612D E15D0C84 BE164ADC CD613EB1 0A39E311 33048FA7

  AEEB1B93 DFD4892D 574610DC 4CB3B59F BE425C95 AFC6450D 5466A02A 26E9D474

  868E55C2 77E51625

        quit
!
!
username shyam password 0 cisco
archive
 log config
  hidekeys
!
!
!
!
!
!
!
!
interface FastEthernet0/0
 ip address 192.168.1.12 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
ip forward-protocol nd
!
!
ip http server
ip http secure-server
!
control-plane
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line vty 0 4
!
!
!
webvpn gateway MY-GATEWAY
 hostname GW1
 ip address 192.168.1.12 port 443
 http-redirect port 80
 ssl encryption aes-sha1
 ssl trustpoint TP-self-signed-4279256517
 logging enable
 inservice
!
webvpn context MY-CONTEXT
 title-color blue
 ssl authenticate verify all
!
 login-message "PLEASE LOG IN"
!
 policy group MY-POLICY
 default-group-policy MY-POLICY
 aaa authentication list AUTH
 gateway MY-GATEWAY
 inservice
!
end

Is my config missing something?

Thanks in advance.
