F5F Stay Refreshed Power Users Networks Connection failure occurs when attempting to link to Cisco AnyConnect VPN following a port adjustment.

Connection failure occurs when attempting to link to Cisco AnyConnect VPN following a port adjustment.

Connection failure occurs when attempting to link to Cisco AnyConnect VPN following a port adjustment.

Pages (2): 1 2 Next
R
Rubb_
Member
Find
123
12-03-2023, 05:13 AM
#1
You're facing an issue with your Cisco ASA 5505 where you attempted to switch HTTPS and DTLS ports from 443 to 8443 but didn't see any changes. It might help to double-check the port forwarding rules, ensure the correct IP addresses are assigned, and verify that the firewall configuration is applied properly. If needed, reconfigure the device carefully.
Reply
Reply
R
Rubb_
12-03-2023, 05:13 AM #1

You're facing an issue with your Cisco ASA 5505 where you attempted to switch HTTPS and DTLS ports from 443 to 8443 but didn't see any changes. It might help to double-check the port forwarding rules, ensure the correct IP addresses are assigned, and verify that the firewall configuration is applied properly. If needed, reconfigure the device carefully.

Reply
Reply
_
___iRekt___
Senior Member
Find
505
12-03-2023, 01:58 PM
#2
No, I didn't generate the firewall rules myself.
Reply
Reply
_
___iRekt___
12-03-2023, 01:58 PM #2

No, I didn't generate the firewall rules myself.

Reply
Reply
J
johnsrealm
Member
Find
176
12-03-2023, 08:01 PM
#3
Firewall configured per instructions.
Reply
Reply
J
johnsrealm
12-03-2023, 08:01 PM #3

Firewall configured per instructions.

Reply
Reply
R
ReelFishn
Member
Find
169
12-18-2023, 09:03 AM
#4
This is the only idea I presented.
Reply
Reply
R
ReelFishn
12-18-2023, 09:03 AM #4

This is the only idea I presented.

Reply
Reply
A
AnnaLovesCake
Member
Find
72
12-18-2023, 02:05 PM
#5
Do you have any suggestions?
Reply
Reply
A
AnnaLovesCake
12-18-2023, 02:05 PM #5

Do you have any suggestions?

Reply
Reply
G
GBLeon
Member
Find
150
12-18-2023, 07:48 PM
#6
Thank you!
Reply
Reply
G
GBLeon
12-18-2023, 07:48 PM #6

Thank you!

Reply
Reply
H
high5ghost_101
Junior Member
Find
17
12-23-2023, 03:21 PM
#7
Can you post the relevant configs after they've been sanitized? show run nat show run web show run http
Reply
Reply
H
high5ghost_101
12-23-2023, 03:21 PM #7

Can you post the relevant configs after they've been sanitized? show run nat show run web show run http

Reply
Reply
A
ASFLavaCraft
Member
Find
64
12-23-2023, 07:51 PM
#8
run nat nat (Wifi,outside) source static any interface nat (inside,outside) source static any any destination static NETWORK_OBJ_10.10.100.0_24 NETWORK_OBJ_10.10.100.0_24 no-proxy-arp route-lookup nat (inside,outside) source static inside_net inside_net destination static AnyConnect AnyConnect ! object network obj_any nat (inside,outside) dynamic interface hq-asa# show run web webvpn enable outside dtls port 8443 no anyconnect-essentials anyconnect image disk0:/anyconnect-win-4.5.03040-webdeploy-k9.pkg 1 anyconnect profiles VPN_client_profile disk0:/VPN_client_profile.xml anyconnect enable port-forward 443 https 172.16.105.68 https tunnel-group-list enable hq-asa# show run http http server enable http 172.16.105.0 255.255.255.0 inside http 100.100.1.0 255.255.255.0 outside http 192.168.1.0 255.255.255.0 inside http 192.168.1.0 255.255.255.0 outside http 10.10.100.0 255.255.255.0 inside http 10.10.100.0 255.255.255.0 outside http 100.100.1.0 255.255.255.0 inside http 172.16.105.0 255.255.255.0 outside http 172.16.106.0 255.255.255.0 Wifi hq-asa# show run
Reply
Reply
A
ASFLavaCraft
12-23-2023, 07:51 PM #8

run nat nat (Wifi,outside) source static any interface nat (inside,outside) source static any any destination static NETWORK_OBJ_10.10.100.0_24 NETWORK_OBJ_10.10.100.0_24 no-proxy-arp route-lookup nat (inside,outside) source static inside_net inside_net destination static AnyConnect AnyConnect ! object network obj_any nat (inside,outside) dynamic interface hq-asa# show run web webvpn enable outside dtls port 8443 no anyconnect-essentials anyconnect image disk0:/anyconnect-win-4.5.03040-webdeploy-k9.pkg 1 anyconnect profiles VPN_client_profile disk0:/VPN_client_profile.xml anyconnect enable port-forward 443 https 172.16.105.68 https tunnel-group-list enable hq-asa# show run http http server enable http 172.16.105.0 255.255.255.0 inside http 100.100.1.0 255.255.255.0 outside http 192.168.1.0 255.255.255.0 inside http 192.168.1.0 255.255.255.0 outside http 10.10.100.0 255.255.255.0 inside http 10.10.100.0 255.255.255.0 outside http 100.100.1.0 255.255.255.0 inside http 172.16.105.0 255.255.255.0 outside http 172.16.106.0 255.255.255.0 Wifi hq-asa# show run

Reply
Reply
W
w3ssl3y
Junior Member
Find
17
12-31-2023, 03:04 AM
#9
Avoid finding NAT rules that redirect 443 to 8443. Instead, use the following configuration: conf t webvpn no port-forward 443 https 172.16.105.68 https port 8443 exit http server enable 8443
Reply
Reply
W
w3ssl3y
12-31-2023, 03:04 AM #9

Avoid finding NAT rules that redirect 443 to 8443. Instead, use the following configuration: conf t webvpn no port-forward 443 https 172.16.105.68 https port 8443 exit http server enable 8443

Reply
Reply
P
PixelTheFox
Junior Member
Find
15
01-04-2024, 01:00 AM
#10
I've given it a try, but it didn't work. What about this alternative?
Reply
Reply
P
PixelTheFox
01-04-2024, 01:00 AM #10

I've given it a try, but it didn't work. What about this alternative?

Reply
Reply
Pages (2): 1 2 Next