WebVPN URL getting time out error


I've been trying to set up WebVPN on my router, having followed the wizard to do this but the problem I get is that the URL I am using keeps getting timeout errors.

Looking at the Feature Availability section 'Home' screen of SDM, this does not indicate that the VPN facility is in use (the green circle does not have a tick in it!).

I've checked and re-checked the config but can't see anything wrong and can confirm that the WebVPN context (ssl) and gateway (gateway_1) are both in service.

I've posted my config below (having removed passwords, IPs etc) and would really appreciate an expert's view on this - it's driving me crazy!!

!This is the running config of the router: myrouter !---------------------------------------------------------------------------- !version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname SPCR01 ! boot-start-marker boot-end-marker ! logging buffered 419600 debugging enable secret 5 xyzabc123 enable password xyzabc123 ! aaa new-model ! ! aaa authentication login default local aaa authentication login sdm_vpn_xauth_ml_1 local aaa authentication login sdm_vpn_xauth_ml_2 local aaa authentication login sdm_vpn_xauth_ml_3 local aaa authorization exec default local ! aaa session-id common ! resource policy ! clock timezone PCTime 0 clock summer-time PCTime date Mar 30 2003 1:00 Oct 26 2003 2:00 ! ! ip cef ! ! ip domain name mydomain ip name-server ! ! voice-card 0 no dspfarm ! ! crypto pki trustpoint TP-self-signed-1440344723 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-1440344723 revocation-check none rsakeypair TP-self-signed-1440344723 ! ! crypto pki certificate chain TP-self-signed-1440344723 certificate self-signed 01 3082024B 308201B4 A0030201 02020101 300D0609 2A864886 F70D0101

04050030 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 69666963 6174652D 31343430 33343437 3233301E 170D3036 30353032 32323431 33335A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 34343033 34343732 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100E220 0DCD79F7 EDBF6B7C 2A9A486B 78D88266 8618CE8E C11DA084 776D6A71 A9B8E5E1 ACA4B6F8 AC018E68 C0FD160C 3E00BB8A B50844B7 8F24E2FF F91CD1B8 F39FFE24 9DA8474E 7C487E5A 84382249 76A7B2E0 CC452A55 61E61D16 B3C6A106 950E5271 B1B971D3 EAD4EF6E A40BD5DF AF43E80B C8CB9B0A 3E068BBA B7D54EF4 FC6D0203 010001A3 73307130 0F060355 1D130101 FF040530 030101FF 301E0603 551D1104 17301582 13535043 5230312E 73706174 656C2E63 6F2E756B 301F0603 551D2304 18301680 1486880E 85EEE656 FDF0201A 984E341E 973F4D29 63301D06 03551D0E 04160414 86880E85 EEE656FD F0201A98 4E341E97 3F4D2963 300D0609 2A864886 F70D0101 04050003 81810056 07FBBDDE E52B4EE3 1EDAAAF9 6BDC53D2 7A167BDA 25B2C01A BF332F88 0430436A 9FCD350C ED21FA50 F5D876AB E6C3A087 B2BB9EA7 0C469D3A 59BF4B20 7EACD4D1 9EE74DE6 B0156D5B 1947407B 4B526EA9 BB944531 16DE8F5E 2296E26B 870FFBCC 3B0368DC E67CDF26 7859787A A26568A3 C04201F0 F7BC6981 EAAEF193 B7F51D quit username myusername privilege 15 secret 5 mypassword ! ! interface FastEthernet0/0 description Internal LAN$ETH-LAN$ ip address ip nat inside ip virtual-reassembly no ip route-cache cef no ip route-cache ip tcp adjust-mss 1452 duplex full speed auto hold-queue 100 out ! interface FastEthernet0/1 no ip address no ip route-cache cef no ip route-cache duplex full speed auto ! interface ATM0/0/0 description ==>ADSL no ip address no ip route-cache cef no ip route-cache no atm ilmi-keepalive dsl operating-mode auto ! interface ATM0/0/0.1 point-to-point description ==>Evo DSL no ip route-cache no snmp trap link-status pvc 0/38 encapsulation aal5mux ppp dialer dialer pool-member 1 ! ! interface Dialer0 description Evo DSL ip address negotiated ip mtu 1492 ip nbar protocol-discovery ip flow ingress ip flow egress ip nat outside ip virtual-reassembly encapsulation ppp ip tcp adjust-mss 1452 dialer pool 1 dialer-group 1 ppp authentication chap callin ppp chap hostname myhostname ppp chap password 0 mypassword ppp ipcp dns request ! ip local pool 172.1.1.x ip route Dialer0 permanent ! ip flow-top-talkers top 20 sort-by packets ! ip http server ip http authentication local ip http secure-server ip http timeout-policy idle 600 life 86400 requests 10000 ip nat inside source list 1 interface Dialer0 overload ip nat inside source static tcp 25 25 extendable ip nat inside source static tcp 80 80 extendable ip nat inside source static tcp 110 80 110 extendable ip nat inside source static tcp 143 80 143 extendable ip nat inside source static tcp 443 80 443 extendable ! no logging trap access-list 1 remark SDM_ACL Category=2 access-list 1 permit ! ! control-plane ! ! ! ! ^C ! line con 0 speed 115200 line aux 0 line vty 0 4 password mypassword transport input telnet ssh ! scheduler allocate 20000 1000 ntp clock-period 17180084 ntp update-calendar ntp server source Dialer0 prefer ! webvpn gateway gateway_1 hostname ssl ip address port 443 http-redirect port 80 ssl trustpoint TP-self-signed-1440344723 inservice ! webvpn install svc flash:/webvpn/svc.pkg ! webvpn install csd flash:/webvpn/sdesktop.pkg ! webvpn context Default_context ssl authenticate verify all ! no inservice ! ! webvpn context ssl title-color #CCCC66 secondary-color white text-color black ssl authenticate verify all ! url-list "applications" heading "Apps" url-text "Outlook" url-value "https://myinternalurl/exchange" ! nbns-list WINS nbns-server master ! port-forward "PortForward" local-port 3000 remote-server "" remote-port 23 description "Telnet ==> Router" ! policy group policy_1 url-list "applications" port-forward "PortForward" nbns-list "WINS" functions file-access functions file-browse functions file-entry functions svc-enabled hide-url-bar svc address-pool "172.1.1.x" svc default-domain "myinternetdomain" svc split dns "myinternaldomain" svc split include svc split include svc dns-server primary svc wins-server primary default-group-policy policy_1 aaa authentication list sdm_vpn_xauth_ml_3 gateway gateway_1 domain myinternetdomain csd enable inservice ! ! end



Reply to
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.