cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
690
Views
0
Helpful
1
Replies

SSL VPN - Anyconnect

Hi,

Trying to get this working and just will not work!  I have Cisco  Anyconnect SSL VPN and the client connects fine.  but cannot ping the  default gateway (ASA) 10.15.202.2.

From the ASA I cannot even ping the client  who gets the 1st IP address out of the pool.  What am I doing wrong?   Cisco ASA 8.4.

I have sub interfaces on my inside network and the cust1 client user needs access to 10.15.200.0/24

on ASDM logging I can see the connections being built and torn down when trying to connect from client 10.15.202.1 to hosts on the 10.15.200.0 network..  just no connectivity??? 

docco attached.....

1 Reply 1

Herbert Baerten
Cisco Employee
Cisco Employee

hi

to be able to ping the ip address of the ASA's cust1 interface over the tunnel, configure:

management-access cust1

As for connectivity to the LAN, I think you have your nat reversed, i.e.:

nat (cust1,outside) source static obj_10.15.202.0 obj_10.15.202.0 destination static obj_10.15.200.0 obj_10.15.200.0

should be

nat (cust1,outside) source static obj_10.15.200.0 obj_10.15.200.0 destination static obj_10.15.202.0 obj_10.15.202.0

or

nat (outside,cust1) source static obj_10.15.202.0 obj_10.15.202.0 destination static obj_10.15.200.0 obj_10.15.200.0

hth

Herbert

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: