Hi all, I have a Cisco ASA 5510 that I have AnyConnect VPN clients. At the local network I have an IPsec tunnel to a remote site. My inside interface on the ASA 5510 is 192.168.112.1/24, my IPpool for AnyConnect clients is 192.168.117.0/24. I have a seperate ASA 5505 that handles the VPN to my remote network. The 5505 inside interface is 192.168.112.10/24. The IPsec tunnel is up and runs fine for local users, a remote network is 10.1.0.0/16 I can ping clients no issues locally. When an AnyConnect VPN remote user pings any host on the 10.1.0.0/16 network I get time outs..Is it because the 5505 doesnt have a route to the AnyConnect IP pool 117.0/24?
A route to the AnyConnect-Pool pointing to your main ASA.
The AnyConnect pool needs to be included into the crypto definition that you use in your crypto map: permit ip 192.168.112.0 255.255.255.0 10.1.0.0 255.255.0.0 permit ip 192.168.117.0 255.255.255.0 10.1.0.0 255.255.0.0
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...