Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

SSL VPN - Anyconnect

Hi,

Trying to get this working and just will not work!  I have Cisco  Anyconnect SSL VPN and the client connects fine.  but cannot ping the  default gateway (ASA) 10.15.202.2.

From the ASA I cannot even ping the client  who gets the 1st IP address out of the pool.  What am I doing wrong?   Cisco ASA 8.4.

I have sub interfaces on my inside network and the cust1 client user needs access to 10.15.200.0/24

on ASDM logging I can see the connections being built and torn down when trying to connect from client 10.15.202.1 to hosts on the 10.15.200.0 network..  just no connectivity??? 

docco attached.....

1 REPLY
Cisco Employee

SSL VPN - Anyconnect

hi

to be able to ping the ip address of the ASA's cust1 interface over the tunnel, configure:

management-access cust1

As for connectivity to the LAN, I think you have your nat reversed, i.e.:

nat (cust1,outside) source static obj_10.15.202.0 obj_10.15.202.0 destination static obj_10.15.200.0 obj_10.15.200.0

should be

nat (cust1,outside) source static obj_10.15.200.0 obj_10.15.200.0 destination static obj_10.15.202.0 obj_10.15.202.0

or

nat (outside,cust1) source static obj_10.15.202.0 obj_10.15.202.0 destination static obj_10.15.200.0 obj_10.15.200.0

hth

Herbert

481
Views
0
Helpful
1
Replies