Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Problems with VPN on 5515-X

Hi all !

 

I have setup VPN on my 5515-X and I can login from the internet, and I get an ip address from the dhcp server, but I cannot ping or access anything on any vlans or the internet. My workstation on the inside can ping the vpn client.

 

I want the vpn clients to access 2 vlans: vlan3+4.

 

DHCP scope for vpn clients: 172.16.0.10 - 172.16.0.49

 

I think I have a problem with my NAT or Access rules

 

Under anyconnect connection profile I have set the: "Bypass interface access lists for inbounds vpn sessions" .... does this mean I dont have to set Access rules for this traffic ?

 

And I have this NAT rule:

 

nat (inside,vlan3) source static any any destination static NETWORK_OBJ_172.16.0.0_25 NETWORK_OBJ_172.16.0.0_25 no-proxy-arp route-lookup

 

 

I think it is something simple I have not setup correctly and I appreciate any help

 

Thanks

 

Carsten

 

Everyone's tags (1)
3 REPLIES

Hi Carsten,Your picture didn

Hi Carsten,

Your picture didn't seem to post properly. Can you post your config? It sounds like an identity NAT issue. 

The "bypass access-lists" just means that the VPN traffic will not be filtered by access-lists assigned to the firewall interfaces.

Regards,

Mike

Community Member

nat (inside,vlan3) source

nat (inside,vlan3) source static any any destination static NETWORK_OBJ_172.16.0.0_25 NETWORK_OBJ_172.16.0.0_25 no-proxy-arp route-lookup

It's impossible for me to

It's impossible for me to determine the issue based on the info you have posted. If you can post a sanitized config, it would help greatly.

Regards,

Mike

39
Views
0
Helpful
3
Replies
CreatePlease to create content