Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

help:anyconnect users cannot access the outside zone

top.JPG

B is a cisco router running NAT,C is a cisco asa in routed mode,A is a vpn user.

A use anyconnect client connect to ASA and get static ip 172.16.100.10(LDAP Attribute-MAP) On C,i configured a static routing "172.16.0.0/16" and push it down to the client. i do a ping test(ping 172.16.1.1) but no reply from router B,router B has the ip address in the routing table.

  security policy on untrust interface(security level 0):access-list zone_untrust_access_in extended permit ip any any

  no output-policy on any interface,i debug the firewall,the icmp packets were denied by configured rule(default rule is deny any),before this is permit any any

  so i want to know why this happened. when A dialup-in,A is trust,dmz or untrust?

200
Views
0
Helpful
0
Replies
CreatePlease to create content