Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Unable to access internet using Anyconnect client

Hi Everyone,

I have config both anyconnect and RA split tunnel VPN on the ASA.

When using anyconnect client i can connect to Inside network fine but can not access internet sites.

I have this ACL to allow only 10.0.0.0  subnet traffic via Anyconnect client.

Internet traffic should not be using anyconnect tunnel.

access-list just-10 line 1 remark ACL to only  Allow 10.0.0.0/24 through Tunnel

access-list just-10 line 2 standard permit 10.0.0.0 255.255.255.0 (hitcnt=0) 0xb8dcdb54

Regards

MAhesh

1 ACCEPTED SOLUTION

Accepted Solutions
Super Bronze

Unable to access internet using Anyconnect client

Hi,

If you are seeing this traffic on the ASA then it means this traffic is tunneled to the ASA through the VPN connection as you can see from the log message.

If would still like to see some configirations to rule out possible problems on the ASA

show run username anyconnect_user

show run tunnel-group

show run group-policy

Naturally use the "tunnel-group" and "group-policy" names that your connection uses.

There are some DNS related settings with SSL VPN but to my understanding with the currently given information it should not affect your situation.

- Jouni

4 REPLIES
New Member

Unable to access internet using Anyconnect client

Hi,

also when i open to access any internet website log shows

Jan 26 2014 19:18:39: %ASA-6-302016: Teardown UDP connection 55050 for outside:10.0.0.51/52176(LOCAL\anyconnect_user) to outside:64.59.144.19/53 duration 0:00:00 bytes 0 (anyconnect_user)

Where 10.0.0.51 is VPN Client IP.

Also when i do nslookup to google.ca

it shows DNS request time out

Where DNS server IP is 64.59.144.19

Regards

MAhesh

Super Bronze

Unable to access internet using Anyconnect client

Hi,

If you are seeing this traffic on the ASA then it means this traffic is tunneled to the ASA through the VPN connection as you can see from the log message.

If would still like to see some configirations to rule out possible problems on the ASA

show run username anyconnect_user

show run tunnel-group

show run group-policy

Naturally use the "tunnel-group" and "group-policy" names that your connection uses.

There are some DNS related settings with SSL VPN but to my understanding with the currently given information it should not affect your situation.

- Jouni

Super Bronze

Unable to access internet using Anyconnect client

Hi Mahesh,

Were you able to determine the cause of this problem?

- Jouni

New Member

Unable to access internet using Anyconnect client

Hi Jouni,

Issue was that i was using split tunneling and using ASDM i selected option allowed tunnel  and choose the option under IPV6 .

Once i choose under right field all was good.

Regards

247
Views
5
Helpful
4
Replies
CreatePlease to create content