I have configured an 1841 router for SSL VPN and this works great: the client connects and downloads AnyConnect, and then I establish a VPN. The issue I have is that I have two VLANs on the router, the default VLAN 1 and VLAN 4 on a subinterface.
From the client I can ping the subinterface IP address and I can ping any IP address on a client in the default VLAN. The ping ends with request timed out, so this suggests that the packet makes it to the destination and is dropped on the way back. What I am trying to work out is how can the AnyConnect client be VLAN aware so it can connect to the computer in VLAN 4?
I haven't posted config yet in case it's a simple issue that I need to make!
Yes, if the AnyConnect pool is in the same subnet as VLAN 4, then it would try to perform ARP resolution instead of sending the traffic towards the default gateway. I would suggest that you change the pool to a unique subnet, and you would need to change the ZBFW and NAT exemption ACL accordingly.
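The overlap described in the answer above can be checked before the pool is changed. This is an added example, not part of the original thread: it models a VLAN 4 host's on-link decision for its reply and flags a pool range that falls inside a connected subnet. All addresses and the function names `reply_path` and `pool_overlaps` are constructed for illustration.

```python
import ipaddress

# Constructed sample addressing; the thread does not give the real subnets.
CONNECTED = {"VLAN 1": "192.168.1.0/24", "VLAN 4": "192.168.4.0/24"}


def reply_path(host_interface: str, vpn_client_ip: str) -> str:
    """Model how a LAN host sends its echo reply to a VPN client.

    If the client's address is inside the host's own subnet, the host
    treats it as on-link and ARPs for it directly ("arp"). Otherwise
    the reply goes to the default gateway, i.e. the router ("gateway").
    """
    iface = ipaddress.ip_interface(host_interface)
    client = ipaddress.ip_address(vpn_client_ip)
    return "arp" if client in iface.network else "gateway"


def pool_overlaps(pool_start: str, pool_end: str, connected: dict) -> list:
    """Return the names of connected subnets that the pool range touches."""
    start = ipaddress.ip_address(pool_start)
    end = ipaddress.ip_address(pool_end)
    # A start/end pool range is not always one CIDR block, so split it
    # into the minimal set of networks before comparing.
    pool_nets = list(ipaddress.summarize_address_range(start, end))
    hits = []
    for name, cidr in connected.items():
        net = ipaddress.ip_network(cidr)
        if any(p.overlaps(net) for p in pool_nets):
            hits.append(name)
    return hits


if __name__ == "__main__":
    vlan4_host = "192.168.4.20/24"  # constructed host on VLAN 4

    # Pool carved out of the VLAN 4 subnet: the reply never reaches the router.
    print(pool_overlaps("192.168.4.200", "192.168.4.210", CONNECTED))
    print(reply_path(vlan4_host, "192.168.4.200"))

    # Pool in a unique subnet: the reply is routed via the default gateway.
    print(pool_overlaps("10.10.10.1", "10.10.10.50", CONNECTED))
    print(reply_path(vlan4_host, "10.10.10.5"))
```

An empty list from `pool_overlaps` means the pool is in a unique subnet; the ZBFW and NAT exemption ACL entries then need to reference that new pool subnet, as the answer says.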