Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

help:anyconnect users cannot access the outside zone

top.JPG

  B is a cisco router running NAT,C is a cisco asa in routed mode,A is a vpn user.
A use anyconnect client connect to ASA and get static ip 172.16.100.10(LDAP Attribute-MAP) On C,i configured a static routing "192.168.0.0/16" and push it down to the client. i do a ping test(ping 172.16.1.1) but no reply from router B,router B has the ip address in the routing table.
  security policy on untrust interface(security level 0):access-list zone_untrust_access_in extended permit ip any any
  no output-policy on any interface,i debug the firewall,the icmp packets were denied by configured rule(default rule is deny any),before this is permit any any
  so i want to know why this happened. when A dialup-in,A is trust,dmz or untrust?

267
Views
0
Helpful
0
Replies