
asa vpn anyconnect

netops009
Level 1

I have an ASA cluster and I have AnyConnect VPN users that access the internal network via VPN through the firewall cluster. How do I set up the firewall cluster to allow the AnyConnect VPN clients to have access to each other?

1 Reply

carlguer
Level 1

Hi netops009,

This depends on your configuration:

- Are you using split-tunnel or tunnel-all?

- Do you have U-turning enabled on your ASA?

- Do you have a NAT affecting the VPN users?

Basically what you need to do is this:

- If using Split-tunnel:

1. Allow the pool of IPs in the split-tunnel ACL

2. Allow U-turning (same-security-traffic permit intra-interface)

3. Make sure that there's no NAT affecting traffic going outside -> outside

4. If the traffic is being affected by the NAT, create a NAT exemption

- If using Tunnel-all:

1. Allow U-turning (same-security-traffic permit intra-interface)

2. Make sure that there's no NAT affecting traffic going outside -> outside

3. If the traffic is being affected by the NAT, create a NAT exemption

Regards,

- Javier -
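
The steps in the reply above, written out as ASA configuration. This is an added example, not part of the original reply: the pool 10.10.10.0/24 and the names VPN-POOL, SPLIT-ACL and GP-ANYCONNECT are constructed placeholders, and `outside` is assumed to be the nameif of the interface where AnyConnect terminates.

```cisco
! Constructed values: pool 10.10.10.0/24 and the names VPN-POOL, SPLIT-ACL
! and GP-ANYCONNECT are assumptions; use the ones from your running-config.

! Object describing the AnyConnect address pool
object network VPN-POOL
 subnet 10.10.10.0 255.255.255.0

! Split-tunnel only: add the pool to the split-tunnel ACL so each client
! routes its peers' addresses into the tunnel. Skip this for tunnel-all.
access-list SPLIT-ACL standard permit 10.10.10.0 255.255.255.0
group-policy GP-ANYCONNECT attributes
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value SPLIT-ACL

! U-turning: let traffic enter and leave through the same interface
same-security-traffic permit intra-interface

! NAT exemption for pool-to-pool traffic, needed only when an existing
! rule matches outside -> outside. Manual NAT is evaluated in order, so
! this line must sit above the rule that currently matches.
nat (outside,outside) source static VPN-POOL VPN-POOL destination static VPN-POOL VPN-POOL no-proxy-arp route-lookup

! Verification (exec mode)
show running-config same-security-traffic
show nat detail
show vpn-sessiondb anyconnect
```

With the default `sysopt connection permit-vpn`, this hairpinned client-to-client traffic bypasses the interface ACLs, so a `vpn-filter` ACL on the group policy is where to limit which ports clients can reach on each other.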
