Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

AnyConnect client can't ping IOS webvpn

I've setup webvpn on a 3825 and AnyConnect clients can connect and check for updates but none can reach any addresses on the internal network. The IP addresses they are issued are not pingable from the router. I'm a bit of a novice but I've checked all of the support articles and can't seem to figure out what I've done wrong. Any pointers would be appreciated.

3800 Software (C3825-ADVENTERPRISEK9-M), Version 12.4(20)T

3 REPLIES

Re: AnyConnect client can't ping IOS webvpn

do u have the nat emption configured correctly

u need to have a deny staement in ur nat ACL should be first line which deny any ip traffic from ur internal LAN to the IP address pool of the anyconnect

this will exmpt the returne traffic to vpnuseres from being nated

good luck

if helpful Rate

Community Member

Re: AnyConnect client can't ping IOS webvpn

I've done some homework on nat exemptions and I think I set them up correctly but maybe not. I still can't ping from the client to the internal network nor from the internal network to the assigned client pool ip.

I've attached my configuration and output from a debug of the ping and nat. If someone can make any more suggestions they would be appreciated.

Community Member

Re: AnyConnect client can't ping IOS webvpn

I wanted to post a final update. I found my error. WebVPN on my 3825 is now working as expected. It was a routing issue unrelated to the WebVPN setup.

520
Views
0
Helpful
3
Replies
CreatePlease to create content