cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
580
Views
0
Helpful
4
Replies

site-to-site connection creation broke anyconnect access

jaz0nj4ckal
Level 1
Level 1

ASA = 8.2(1)

ASDM = 6.2(1)

Folks:

Recently I used the wizard to create an IPsec site-to-site connection, which went very smoothly; however, I now noticed that when I connect via Anyconnect 2.5.0217 I cannot get to local and subnatted resources on the network.

I rolled back to saved config file, which was taken before the site-to-site vpn was created, but that did not work as well.

What should I check to see why I can no longer get to different subnets after the site-to-site vpn connection. In addition, I thought once the old config file was applied that would have solved all my issues.

Any sugguestions or comments are welcomed...unfortunately this client does not have a smartnet account so I can't upgrade any of the items yet.

Thank you.

4 Replies 4

ajay chauhan
Level 7
Level 7

Are you able to connect anyconnect VPN ? and network access does not work then i would say check nat exempt rules.

That is correct. I am able to connect via the Anyconnect software, and I am able to PING network resources across my subnets; however, I am unable to use RPD (port: 3386) to connect to any of my servers.

I am not sure what would have changed in my NAT exempt rules, or know where to begin to look. I followed this tutorial http://www.youtube.com/watch?v=lGbsQJOxjsI

What should I look at in my ASDM? Would it be an issue with Default policy group? But I thought the Anyconnect SSL connection would not be effected since the two forms are under different categories, so the only thing I can think of, which is common between between the two is the Default Group Policy.

Hello,

Can you post your configuration, so we can take a look at this issue??

Regards.

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

When I get to the site I will sanitize and upload the startup-config. I have to be honest, that I use the ASDM because I lack cli command knowledge, but I am working on it.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: