Packet Tracer lab 16 : Clientless SSL VPN

: Last Updated: 03 May 2023

Lab instructions

SSL VPN technology can be configured in three ways :

Thin Client VPN
SSL VPN Client
Clientless SSL VPN (WebVPN)

Clientless SSL VPN is a technology allowing limited but secure access to internal network ressources from any location using a web browser. No specific VPN client is needed, a remote user only needs an SSL-enabled web browser to access http- or https-enabled web servers on the internal network. This technology is available on ASA 5505 firewall and has been implemented in Packet Tracer 7.1 network simulator.

Firewall configuration to apply in this lab:

Outside IP : 192.168.1.1/24
Inside IP : 192.168.2.1/24
User login : test
User password : test.test
Website IP : site 1

Network diagram

Solution

1. Create the bookmark site1 to the URL http://192.168.2.3 on the ASA 5505 firewall

2. Apply the following configuration to the firewall :

interface Vlan1
nameif inside
security-level 100
ip address 192.168.2.1 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
ip address 192.168.1.1 255.255.255.0
!
webvpn
enable outside
object network LAN
subnet 192.168.2.0 255.255.255.0
!
object network LAN
nat (inside,outside) dynamic interface
!
group-policy group1 internal
group-policy group1 attributes
vpn-tunnel-protocol ssl-clientless
webvpn
url-list value site1
username test password D35rLrqYJOMRHDCX encrypted
username test attributes
vpn-group-policy group1
!
!

Packet Tracer lab 16 : Clientless SSL VPN

Lab instructions

Read next :

Download Cisco Packet Tracer 8.2.1 & GNS3

Lab 20 - CBAC trafic Inspection with ISR router

Lab 2 - Switch interfaces configuration

Lab 1 - Basic switch setup

Lab 11 - HDLC

Network diagram

Solution