customer is trying to change over from ipsec client to anyconnect, but having very strange results. For example, run the ipsec client and web into CallManager no problem. With Anyconnect will not work. ASA log shows connections being set up and then syn timeout. It must be something simple, but I don't see it. I have changed the access-lists to allow anything. You can ping the callmanager but you can't web into it. You can net view some servers but not others. Makes no sense. Trying to figure out where to start.
When the user connects, get the output of "show vpn-s svc", does it show the user using DTLS?
Also, are they connecting to the same ASA they were connecting to from the VPN client?
Getting Started
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: