WebVPN URL getting time out error

Discussion in 'Cisco' started by Sahajesh, May 3, 2006.

  1. Sahajesh

    Sahajesh Guest

    Hi,

    I've been trying to set up WebVPN on my router, having followed the
    wizard to do this but the problem I get is that the URL I am using
    keeps getting timeout errors.

    Looking at the Feature Availability section 'Home' screen of SDM, this
    does not indicate that the VPN facility is in use (the green circle
    does not have a tick in it!).

    I've checked and re-checked the config but can't see anything wrong and
    can confirm that the WebVPN context (ssl) and gateway (gateway_1) are
    both in service.

    I've posted my config below (having removed passwords, IPs etc) and
    would really appreciate an expert's view on this - it's driving me
    crazy!!

    !This is the running config of the router: myrouter
    !----------------------------------------------------------------------------
    !version 12.4
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname SPCR01
    !
    boot-start-marker
    boot-end-marker
    !
    logging buffered 419600 debugging
    enable secret 5 xyzabc123
    enable password xyzabc123
    !
    aaa new-model
    !
    !
    aaa authentication login default local
    aaa authentication login sdm_vpn_xauth_ml_1 local
    aaa authentication login sdm_vpn_xauth_ml_2 local
    aaa authentication login sdm_vpn_xauth_ml_3 local
    aaa authorization exec default local
    !
    aaa session-id common
    !
    resource policy
    !
    clock timezone PCTime 0
    clock summer-time PCTime date Mar 30 2003 1:00 Oct 26 2003 2:00
    !
    !
    ip cef
    !
    !
    ip domain name mydomain
    ip name-server 192.168.15.11
    !
    !
    voice-card 0
    no dspfarm
    !
    !
    crypto pki trustpoint TP-self-signed-1440344723
    enrollment selfsigned
    subject-name cn=IOS-Self-Signed-Certificate-1440344723
    revocation-check none
    rsakeypair TP-self-signed-1440344723
    !
    !
    crypto pki certificate chain TP-self-signed-1440344723
    certificate self-signed 01
    3082024B 308201B4 A0030201 02020101 300D0609 2A864886 F70D0101
    04050030
    31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D
    43657274
    69666963 6174652D 31343430 33343437 3233301E 170D3036 30353032
    32323431
    33335A17 0D323030 31303130 30303030 305A3031 312F302D 06035504
    03132649
    4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31
    34343033
    34343732 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030
    81890281
    8100E220 0DCD79F7 EDBF6B7C 2A9A486B 78D88266 8618CE8E C11DA084
    776D6A71
    A9B8E5E1 ACA4B6F8 AC018E68 C0FD160C 3E00BB8A B50844B7 8F24E2FF
    F91CD1B8
    F39FFE24 9DA8474E 7C487E5A 84382249 76A7B2E0 CC452A55 61E61D16
    B3C6A106
    950E5271 B1B971D3 EAD4EF6E A40BD5DF AF43E80B C8CB9B0A 3E068BBA
    B7D54EF4
    FC6D0203 010001A3 73307130 0F060355 1D130101 FF040530 030101FF
    301E0603
    551D1104 17301582 13535043 5230312E 73706174 656C2E63 6F2E756B
    301F0603
    551D2304 18301680 1486880E 85EEE656 FDF0201A 984E341E 973F4D29
    63301D06
    03551D0E 04160414 86880E85 EEE656FD F0201A98 4E341E97 3F4D2963
    300D0609
    2A864886 F70D0101 04050003 81810056 07FBBDDE E52B4EE3 1EDAAAF9
    6BDC53D2
    7A167BDA 25B2C01A BF332F88 0430436A 9FCD350C ED21FA50 F5D876AB
    E6C3A087
    B2BB9EA7 0C469D3A 59BF4B20 7EACD4D1 9EE74DE6 B0156D5B 1947407B
    4B526EA9
    BB944531 16DE8F5E 2296E26B 870FFBCC 3B0368DC E67CDF26 7859787A
    A26568A3
    C04201F0 F7BC6981 EAAEF193 B7F51D
    quit
    username myusername privilege 15 secret 5 mypassword
    !
    !
    interface FastEthernet0/0
    description Internal LAN$ETH-LAN$
    ip address 192.168.15.1 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    no ip route-cache cef
    no ip route-cache
    ip tcp adjust-mss 1452
    duplex full
    speed auto
    hold-queue 100 out
    !
    interface FastEthernet0/1
    no ip address
    no ip route-cache cef
    no ip route-cache
    duplex full
    speed auto
    !
    interface ATM0/0/0
    description ==>ADSL
    no ip address
    no ip route-cache cef
    no ip route-cache
    no atm ilmi-keepalive
    dsl operating-mode auto
    !
    interface ATM0/0/0.1 point-to-point
    description ==>Evo DSL
    no ip route-cache
    no snmp trap link-status
    pvc 0/38
    encapsulation aal5mux ppp dialer
    dialer pool-member 1
    !
    !
    interface Dialer0
    description Evo DSL
    ip address negotiated
    ip mtu 1492
    ip nbar protocol-discovery
    ip flow ingress
    ip flow egress
    ip nat outside
    ip virtual-reassembly
    encapsulation ppp
    ip tcp adjust-mss 1452
    dialer pool 1
    dialer-group 1
    ppp authentication chap callin
    ppp chap hostname myhostname
    ppp chap password 0 mypassword
    ppp ipcp dns request
    !
    ip local pool 172.1.1.x 172.1.1.2 172.1.1.10
    ip route 0.0.0.0 0.0.0.0 Dialer0 permanent
    !
    ip flow-top-talkers
    top 20
    sort-by packets
    !
    ip http server
    ip http authentication local
    ip http secure-server
    ip http timeout-policy idle 600 life 86400 requests 10000
    ip nat inside source list 1 interface Dialer0 overload
    ip nat inside source static tcp 192.168.15.10 25 2.3.4.5 25 extendable
    ip nat inside source static tcp 192.168.15.10 80 2.3.4.5 80 extendable
    ip nat inside source static tcp 192.168.15.10 110 2.3.4.5 80 110
    extendable
    ip nat inside source static tcp 192.168.15.10 143 2.3.4.5 80 143
    extendable
    ip nat inside source static tcp 192.168.15.10 443 2.3.4.5 80 443
    extendable
    !
    no logging trap
    access-list 1 remark SDM_ACL Category=2
    access-list 1 permit 192.168.15.0 0.0.0.255
    !
    !
    control-plane
    !
    !
    !
    !
    ^C
    !
    line con 0
    speed 115200
    line aux 0
    line vty 0 4
    password mypassword
    transport input telnet ssh
    !
    scheduler allocate 20000 1000
    ntp clock-period 17180084
    ntp update-calendar
    ntp server 17.72.133.42 source Dialer0 prefer
    !
    webvpn gateway gateway_1
    hostname ssl
    ip address 2.3.4.4 port 443
    http-redirect port 80
    ssl trustpoint TP-self-signed-1440344723
    inservice
    !
    webvpn install svc flash:/webvpn/svc.pkg
    !
    webvpn install csd flash:/webvpn/sdesktop.pkg
    !
    webvpn context Default_context
    ssl authenticate verify all
    !
    no inservice
    !
    !
    webvpn context ssl
    title-color #CCCC66
    secondary-color white
    text-color black
    ssl authenticate verify all
    !
    url-list "applications"
    heading "Apps"
    url-text "Outlook" url-value "https://myinternalurl/exchange"
    !
    nbns-list WINS
    nbns-server 192.168.15.11 master
    !
    port-forward "PortForward"
    local-port 3000 remote-server "192.168.15.1" remote-port 23
    description "Telnet ==> Router"
    !
    policy group policy_1
    url-list "applications"
    port-forward "PortForward"
    nbns-list "WINS"
    functions file-access
    functions file-browse
    functions file-entry
    functions svc-enabled
    hide-url-bar
    svc address-pool "172.1.1.x"
    svc default-domain "myinternetdomain"
    svc split dns "myinternaldomain"
    svc split include 192.168.15.0 255.255.255.0
    svc split include 192.168.1.0 255.255.255.0
    svc dns-server primary 192.168.15.11
    svc wins-server primary 192.168.15.11
    default-group-policy policy_1
    aaa authentication list sdm_vpn_xauth_ml_3
    gateway gateway_1 domain myinternetdomain
    csd enable
    inservice
    !
    !
    end

    Thanks,

    Sahajesh.
    Sahajesh, May 3, 2006
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?RGF2aWQgRGF5?=

    DNS error or Time Out error following Broadband Upgrade

    =?Utf-8?B?RGF2aWQgRGF5?=, May 4, 2005, in forum: Microsoft Certification
    Replies:
    2
    Views:
    750
    BrainLock
    May 6, 2005
  2. Quiz Time
    Replies:
    3
    Views:
    7,224
    ┬░Mike┬░
    Aug 25, 2004
  3. lcalcote

    WebVPN SSL Tunnel VRF error

    lcalcote, Aug 18, 2006, in forum: Cisco
    Replies:
    0
    Views:
    988
    lcalcote
    Aug 18, 2006
  4. Replies:
    1
    Views:
    1,999
    K&(2F7#$R
    Jun 10, 2007
  5. suresh_rtp
    Replies:
    0
    Views:
    1,088
    suresh_rtp
    Jul 7, 2009
Loading...

Share This Page