Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

AnyConnect client can ping remote ASA inside IP, but not computers on same subnet.

Have an ASA, which I can connect to with an Adroid AnyConnect client from the internet.

Here is the config for that ASA:

http://pastebin.com/raw.php?i=nz8pmYPj

Have another ASA, which has a site-to-site VPN tunnel established with the first ASA.

Here is the config for that ASA:

http://pastebin.com/raw.php?i=m5hX5kZy

Currently, the AnyConnect client can ping local devices on the main ASA inside subnet.

It can also ping the inside interface of the second ASA.

However, it cannot ping other devices on the inside subnet of the second ASA, why?

2 REPLIES
New Member

Re: AnyConnect client can ping through one ASA, to inside interf

Update: Created diagram to better show what's happening.

gorman-issue.png

New Member

AnyConnect client can ping remote ASA inside IP, but not compute

This line fixed it, in the Kanai ASA config:

access-list out-in extended permit ip 192.168.99.0 255.255.255.0 any

825
Views
0
Helpful
2
Replies
CreatePlease to create content