03-21-2013 07:24 PM - edited 03-11-2019 06:18 PM
Hello,
I've created an AnyConnect VPN which the client is assigned an IP from the IP Pool 10.20.20.0/255.255.255.224.
I've tried to create an entry in the management access tab with the following settings, and it is not working;
Type:ASDM/HTTPS, Interface:Inside, IP Address 10.20.20.0, Mask: 255.255.255.224.
I've also tried setting the interface to outside - no improvement.
Any tips are welcome.
Solved! Go to Solution.
03-21-2013 09:53 PM
Hi Brendan,
Please check these three basic things:
1- The internal network of the ASA is included in the split-tunnel ACL (if configured).
2- Make sure you have the following command: management-access inside
3- Make sure that the identity NAT entry for this traffic has the route lookup at the end. *
ie. nat (inside,outside) source static LAN LAN destination AnyConnect AnyConnect no-proxy-arp route-lookup *
* Assuming that you are running 8.4+
HTH.
Portu.
03-21-2013 09:18 PM
Hello,
What version are you running, are you able to ping the inside interface from the anyconnect client?
03-21-2013 09:53 PM
Hi Brendan,
Please check these three basic things:
1- The internal network of the ASA is included in the split-tunnel ACL (if configured).
2- Make sure you have the following command: management-access inside
3- Make sure that the identity NAT entry for this traffic has the route lookup at the end. *
ie. nat (inside,outside) source static LAN LAN destination AnyConnect AnyConnect no-proxy-arp route-lookup *
* Assuming that you are running 8.4+
HTH.
Portu.
03-22-2013 04:55 PM
Thanks Javier.
03-22-2013 04:53 PM
It was actually the management-access inside that was not set. Everything is fine now, thanks.
03-23-2013 09:23 PM
Great
Keep it up!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide