06-08-2021 06:50 PM
Hi All
Now My company use fortinet as default gateway....I have ASA 5505-x device want to enable its VPN function for user who work at home.
for testing...I find Anyconnect VPN client could connect ASA device..but could not ping Local LAN computer...only ping request , no receive reply package. I find the reason that computer's default gateway is configured fortinet...not ASA...if I chage its gateway setting to ASA...the ping could work fine.
but now,,,,whether I could let ASA VPN client could connect LocalLAN computer without change these internal server or workstation's default dateway ??
Thanks!!
Wencheng
06-09-2021 02:27 AM
Hi there,
Your anyconnect VPN config should be using an address pool. Configure your fortinet to direct traffic sourced from that address pool to the ASA, or use an IGP to share that information between the two devices. There shouldn't be any reason why you would need to change the routing tables of any other devices on the network.
cheers,
Seb.
06-09-2021 02:29 AM
I suggest to have static route add in Fortinet FW back to ASA with out any big change and test it.
Since most of the environment you already have Fortinet as DG, is this works for you ?
or am i miss understand the requirement ?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide