FTD 1120 Remote Access VPN issue

d-satbir
Level 1

I've set up Remote Access VPN on an FTD 1120 using the FDM method. I used the following link to configure the firewall.

https://www.cisco.com/c/en/us/support/docs/network-management/remote-access/212424-anyconnect-remote-access-vpn-configurati.html

The issue I'm experiencing is that I can't ping the firewall's WAN interface from outside of the network, and I also can't connect to the VPN.

The WAN connection from the ISP is directly connected to the FTD, and I've configured the static IP address on the outside interface. I've also configured the DNS entry for the VPN on the GoDaddy DNS page.

I'm not sure if I'm missing anything here.

6 Replies

@d-satbir you should be able to ping the FTD's interface by default. Is there a device in front of the FTD that could block ICMP or SSL/IPSec?

Can you ping from the FTD CLI to the internet?

Is routing set up correctly via the outside interface?

Can you access the internet through the FTD or is this a dedicated VPN concentrator?

Is there a device in front of the FTD that could block ICMP or SSL/IPSec?

- Just a Comcast modem.

Can you ping from the FTD CLI to the internet?

- Yes, I can ping the ISP connection from the FTD CLI.

Is routing set up correctly via the outside interface?

- I've set up a default route pointing to the ISP.

Can you access the internet through the FTD or is this a dedicated VPN concentrator?

- I can access the internet through the FTD. The FTD is acting as the gateway for the internal network and also for Remote Access VPN.

V/R,

S

RA VPN needs a mandatory FTD cert. Do you have one?

MHM

Yes, I've set up a self-signed cert.

V/R,

S

d-satbir
Level 1

I still haven't been able to figure out this issue and was hoping that someone out there has come across this.

I would appreciate it a ton if anyone could help and give me some clues.

Thank You.

Regards,

S

Could you please share initially the sanitized output of the following commands from the FTD CLI?

show asp table socket
show run webvpn

Also, do you happen to have any inbound rules on this firewall? The issue could also be related to a one-to-one NAT rule that translates all the traffic hitting the FTD outside interface to something in the inside network.
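Added example, not part of the thread: a Python check over saved `show asp table socket` output that reports whether the FTD is listening for AnyConnect (SSL/DTLS on port 443) on the outside address. The sample output, its column layout and all addresses are constructed assumptions; 203.0.113.10 stands in for the outside interface IP.

```python
import re

# Constructed sample of `show asp table socket` output (not from the thread).
# 203.0.113.10 is a placeholder for the FTD outside interface address.
SAMPLE = """\
Protocol  Socket    State      Local Address          Foreign Address
SSL       0001a2b8  LISTEN     192.168.45.45:443      0.0.0.0:*
TCP       0002c418  LISTEN     192.168.45.45:22       0.0.0.0:*
SSL       0003d5f8  LISTEN     203.0.113.10:443       0.0.0.0:*
DTLS      0004e7a8  LISTEN     203.0.113.10:443       0.0.0.0:*
"""

# protocol, hex socket id, state, local addr:port, foreign addr:port
ROW = re.compile(r"^(\S+)\s+([0-9a-fA-F]+)\s+(\S+)\s+(\S+):(\d+|\*)\s+(\S+)\s*$")

def parse_sockets(text):
    """Return one dict per socket row; the header and blank lines do not match."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            proto, _sock, state, addr, port, _foreign = m.groups()
            rows.append({"proto": proto, "state": state, "addr": addr, "port": port})
    return rows

def ravpn_listeners(text, outside_ip, port=443):
    """Sorted protocols in LISTEN state on outside_ip:port."""
    return sorted({r["proto"] for r in parse_sockets(text)
                   if r["state"] == "LISTEN"
                   and r["addr"] == outside_ip
                   and r["port"] == str(port)})

def diagnose(text, outside_ip, port=443):
    """Map the socket table to the next troubleshooting step from the thread."""
    found = ravpn_listeners(text, outside_ip, port)
    if "SSL" not in found:
        return (f"no SSL listener on {outside_ip}:{port}: "
                "check `show run webvpn` for the outside interface")
    return (f"{'/'.join(found)} listening on {outside_ip}:{port}: "
            "look at inbound rules or a one-to-one NAT on the outside interface")

if __name__ == "__main__":
    print(diagnose(SAMPLE, "203.0.113.10"))
```

A listener bound only to the management address, as in the first sample row, does not serve clients arriving on the outside interface, which is why the check matches on the exact local address.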
