help:anyconnect users cannot access the outside zone
B is a cisco router running NAT,C is a cisco asa in routed mode,A is a vpn user. A use anyconnect client connect to ASA and get static ip 172.16.100.10(LDAP Attribute-MAP) On C,i configured a static routing "192.168.0.0/16" and push it down to the client. i do a ping test(ping 172.16.1.1) but no reply from router B,router B has the ip address in the routing table. security policy on untrust interface(security level 0):access-list zone_untrust_access_in extended permit ip any any no output-policy on any interface,i debug the firewall,the icmp packets were denied by configured rule(default rule is deny any),before this is permit any any so i want to know why this happened. when A dialup-in,A is trust,dmz or untrust?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...