Allow LAN access from Anyconnect remote client

Steven Williams · ‎10-27-2014

Following this article I cannot get local lan access to work.

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/70847-local-lan-pix-asa.html

created an acl:

access-list Local_Lan_Access standard permit host 0.0.0.0

Also NAT Exempt:

nat (outside,outside) source static VPN_NAT VPN_NAT destination static VPN_NAT VPN_NAT description NAT EXEMPT

still nothing. Thoughts?

Steven Williams · ‎10-27-2014

Ugh. Its a routing issue. These ASA's are setup parallel to the current ASA and core 4500s have the default route heading that way, so the return traffic from internal hosts are not getting back to anyconnect clients. I hate testing in migration network setups.

Allow LAN access from Anyconnect remote client

IOS-XEとAnyconnectでRemote Access FlexVPNを設定

Cisco AnyConnect Secure Mobility Client を使用して Remote Access VPN を行う際の設定 (1)

Cisco AnyConnect Secure Mobility Client を使用して Remote Access VPN を行う際の設定 (2)

Doc-Cisco ISE Posture p/ VPN de Acceso Remoto con Cisco Secure Client

Secure Access: Network Tunnel Groupの接続におけるFTDのECMP設定例