A while ago, we had an issue with SSL AnyConnect. The issue was encountered on a Cisco Firepower with ASA image (IOS 9.13) and for some reason it only shows up when using Chrome. Any other browser didn’t seem to have this issue; we’ve tested Firefox and Internet Explorer.
The issue
We couldn’t view the normal AnyConnect page. Instead, the page was displayed as:
<html><script>document.location.replace(‘/+CSCOE+/logon.html?tgroup=GROUP’)</script></html>However, if you paste the URI “/+CSCOE+/logon.html?tgroup=GROUP” manually behind the URL, you will get the correct page.
The solution
The solution was to disable HTTP headers within the webvpn. For this you need to use the CLI. The commands used to resolve this are shown below.
FIREWALL# Configure terminal
FIREWALL(config)# Webvpn
FIREWALL(config-webvpn)# No http-headers
FIREWALL(config-webvpn)#
Afterwards you can see that the page will redirect as usual.
Oh god, You’re the best 😀