SSL VPN - Anyconnect

Unanswered Question
Feb 5th, 2012

Hi,

Trying to get this working and just will not work!  I have Cisco  Anyconnect SSL VPN and the client connects fine.  but cannot ping the  default gateway (ASA) 10.15.202.2.

From the ASA I cannot even ping the client  who gets the 1st IP address out of the pool.  What am I doing wrong?   Cisco ASA 8.4.

I have sub interfaces on my inside network and the cust1 client user needs access to 10.15.200.0/24

on ASDM logging I can see the connections being built and torn down when trying to connect from client 10.15.202.1 to hosts on the 10.15.200.0 network..  just no connectivity??? 

docco attached.....

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 0 (0 ratings)
hebaerte Fri, 02/10/2012 - 05:40

hi

to be able to ping the ip address of the ASA's cust1 interface over the tunnel, configure:

management-access cust1

As for connectivity to the LAN, I think you have your nat reversed, i.e.:

nat (cust1,outside) source static obj_10.15.202.0 obj_10.15.202.0 destination static obj_10.15.200.0 obj_10.15.200.0

should be

nat (cust1,outside) source static obj_10.15.200.0 obj_10.15.200.0 destination static obj_10.15.202.0 obj_10.15.202.0

or

nat (outside,cust1) source static obj_10.15.202.0 obj_10.15.202.0 destination static obj_10.15.200.0 obj_10.15.200.0

hth

Herbert

Actions

Login or Register to take actions

This Discussion

Posted February 5, 2012 at 10:51 PM
Stats:
Replies:1 Avg. Rating:
Views:478 Votes:0
Shares:0
Tags: No tags.

Discussions Leaderboard