Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
9587
Views
0
Helpful
7
Replies

AnyConnect client not getting default gateway

Go to solution
lcaruso
Level 6
Level 6

‎02-11-2011 06:24 AM - edited ‎03-11-2019 12:49 PM

Hi,

I've just setup my first AnyConnect remote acccess vpn on a 5505 running 8.4(1). Everything works except I'm not getting a default gateway for my remote access vpn connection.I can't see where in the profile to set that up. Can someone point me to that setting please?

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
PAUL GILBERT ARIAS
Level 5
Level 5

‎02-11-2011 08:25 AM

as far as I rememeber you won't receive a default gateway on your client. You will get the specific routes to the internal network, this same networks are the ones defined in the access lists for split tunneling. Split tunneling will permit that you can navigate to the internet using your clients internet connection and still be able to comunicate to the networks across the VPN.

Let me know if this answers your question.

View solution in original post

0 Helpful

Go to solution
PAUL GILBERT ARIAS
Level 5
Level 5
In response to lcaruso

‎02-11-2011 09:23 AM

make sure those networks are included in the split tunnel ACLs and make sure the ASA know how to get to those internal networks.

View solution in original post

0 Helpful
7 Replies 7

Go to solution
songl
Cisco Employee
Cisco Employee

‎02-11-2011 06:34 AM

Please refer to the following configuartion:

http://www.cisco.com/en/US/partner/products/ps6120/products_configuration_example09186a0080975e83.shtml

0 Helpful

Go to solution
lcaruso
Level 6
Level 6
In response to songl

‎02-11-2011 09:17 AM

sorry we haven't gotten our partner status setup yet but will soon

0 Helpful

Go to solution
PAUL GILBERT ARIAS
Level 5
Level 5

‎02-11-2011 08:25 AM

as far as I rememeber you won't receive a default gateway on your client. You will get the specific routes to the internal network, this same networks are the ones defined in the access lists for split tunneling. Split tunneling will permit that you can navigate to the internet using your clients internet connection and still be able to comunicate to the networks across the VPN.

Let me know if this answers your question.

0 Helpful

Go to solution
lcaruso
Level 6
Level 6
In response to PAUL GILBERT ARIAS

‎02-11-2011 09:16 AM

thanks!

then I'm not getting the routes I need

this network has a transit network on the inside, not the client's network which is one hop away

so I can't ssh or ping or get to any internal devices on the client's networks after connecting

where do I setup routes for vpn clients ?

0 Helpful

Go to solution
PAUL GILBERT ARIAS
Level 5
Level 5
In response to lcaruso

‎02-11-2011 09:23 AM

make sure those networks are included in the split tunnel ACLs and make sure the ASA know how to get to those internal networks.

0 Helpful

Go to solution
lcaruso
Level 6
Level 6
In response to PAUL GILBERT ARIAS

‎02-11-2011 09:42 AM

thanks! must be split tunnel acl since ASA knows all about those networks.

0 Helpful
Review Cisco Networking for a $25 gift card
Top