Re: Web VPN URL-List on ASA (8.0)

First I thought it was my browser, now I have trried it with FF but the
problem persists. But I have managed to capture the Java debug output if
anyone can help decode this pls:

network: Cache entry not found [url:
https://191.1.114.11/+CSCOT+/translation-table?textdomain=PortForwarder&type=po&default-lang=true&lang=en-US,
version: null]
network: Connecting
https://191.1.114.11/+CSCOT+/translation-table?textdomain=PortForwarder&type=po&default-lang=true&lang=en-USwith
proxy=DIRECT
Error reading localization: java.net.SocketException: Unconnected sockets
not implemented
Exception in thread "thread applet-WebVpnPortForward.class-1"
java.lang.UnsatisfiedLinkError: C:\Documents and
Settings\Administrator\WebVpnRegKey6-191-1-114-11.dll: %1 is not a valid
Win32 application
    at java.lang.ClassLoader$NativeLibrary.load(Native Method)
    at java.lang.ClassLoader.loadLibrary0(Unknown Source)
    at java.lang.ClassLoader.loadLibrary(Unknown Source)
    at java.lang.Runtime.load0(Unknown Source)
    at java.lang.System.load(Unknown Source)
    at WebVpnPortForward.getWebVpnDll(WebVpnPortForward.java:963)
    at WebVpnPortForward.start(WebVpnPortForward.java:431)
    at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown
Source)
    at java.lang.Thread.run(Unknown Source)

On Thu, May 14, 2009 at 3:44 PM, Erik Witkop <ewitkop_at_gmail.com> wrote:

> Here is a good doc.
>
>
> http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008072462a.shtml
>
> You need to allow the function of portforward in the group policy.
>
>
> Sadiq Yakasai wrote:
>
>> Hi George,
>>
>> Please let us know if you get any luck with that... my portforward config
>> just wont work and URL list is even a non starter for now!
>>
>> Thanks,
>>
>> On Thu, May 14, 2009 at 3:31 PM, george greaves <george_at_ciscodesign.org<mailto:
>> george_at_ciscodesign.org>> wrote:
>>
>> You were right, I dumped in a default config from cisco and the
>> other banners showed up.
>> Still having problems with the port forward but that is a local PC
>> issue. It's loading a cached one from the corp.
>>
>> Thank you
>> George
>>
>>
>> On Thu, May 14, 2009 at 9:32 AM, Erik Witkop <ewitkop_at_gmail.com
>> <mailto:ewitkop_at_gmail.com>> wrote:
>>
>> I don't think licensing is the issue. By default you should
>> have 2 SSL licenses.
>>
>> Please send your config.
>>
>>
>> Erik Witkop
>> http://newenglandnetworkconsulting.com/
>> CCIE#18808
>>
>>
>> george greaves wrote:
>>
>> On this same subject...
>> Has anyone tried Webvpn on a Cisco ASA 5505 with basic
>> license?
>> I can turn it on, and login. I don't get a list of links
>> nor does the port
>> features work.
>> Is this a licensing issue?
>>
>> Thank you
>> George
>>
>> On Wed, May 13, 2009 at 2:50 PM, Stuart Hare
>> <stuart.hare_at_googlemail.com
>> <mailto:stuart.hare_at_googlemail.com>>wrote:
>>
>>
>> Sadiq,
>>
>> Port forwarding should work fine. URL Lists on the
>> other hand are now
>> deprecated from the CLI configuration so not supported.
>> I beleive there may be some URL support when doing the
>> SSL VPN via the ASDM
>> as there is extra functionality there apparently, but
>> I havent tried it (
>> not being a fan of gui's and all ).
>> Stu
>> On Wed, May 13, 2009 at 12:43 PM, Sadiq Yakasai
>> <sadiqtanko_at_gmail.com <mailto:sadiqtanko_at_gmail.com>
>>
>>
>> wrote:
>> I have been trying to get URL-Listing on 8.0
>> code and having a tough time
>> doing this. Also. when portforwarding is envoked
>> on the PC, the page just
>> hangs and nothing appears in the dialog box that
>> launches on the
>>
>> webbrowser
>>
>> (after the I successfully log into the WebVPN
>> page), although ASA says
>>
>> the
>>
>> vpn-session is established and connected. See
>> sample config for 8.0
>>
>> below:
>>
>> username WEBUSER password oW41BWsG68c8N2FO encrypted
>>
>> webvpn
>> enable Public
>> port-forward PORTFORWARD 2023 191.1.118.10 telnet
>> tunnel-group-list enable
>>
>> group-policy WEBVPN internal
>> group-policy WEBVPN attributes
>> vpn-tunnel-protocol webvpn
>> webvpn
>> port-forward name PORTFORWARD
>> port-forward auto-start PORTFORWARD
>> url-entry enable
>>
>> tunnel-group WEBVPN type remote-access
>> tunnel-group WEBVPN general-attributes
>> default-group-policy WEBVPN
>> tunnel-group WEBVPN webvpn-attributes
>> group-alias WEB enable
>>
>>
>> Anyone knows if URL_List is even supported? They
>> seem to be talking about
>> some "Smart tunnels" feature. Is this like a
>> replacement for the
>>
>> URL-List?
>>
>> I
>> simply just dont see any information related to
>> url-list on the config
>> guide
>> for 8.0
>>
>> Thanks as usual guys,
>> Sadiq
>>
>> --
>> CCIE #19963
>>
>>
>>
>> --
>> Stuart Hare
>>
>> stuart.hare_at_gmail.com <mailto:stuart.hare_at_gmail.com>
>>
>>
>>
>>
>>
>>
>>
>> -- Erik Witkop, CCIE#18808 CISSP
>> Boston, MA
>> http://newenglandnetworkconsulting.com/
>>
>>
>>
>>
>> -- George Greaves
>> Network Engineer
>> george_at_ciscodesign.org <mailto:george_at_ciscodesign.org>
>> AIM:ggtop3
>>
>>
>>
>>
>> --
>> CCIE #19963
>>
>
> --
> Erik Witkop, CCIE#18808 CISSP
> Boston, MA
> http://newenglandnetworkconsulting.com/
>
>
>

-- 
CCIE #19963
Blogs and organic groups at http://www.ccie.net