Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
850
Views
0
Helpful
1
Replies

VPN user cannot access locally hosted website

faghouri83
Level 1
Level 1

‎01-13-2021 04:16 PM

Hi Everyone

 

been a while since i've touched cisco ASA firewalls so could use some advice. 

 

I have an anyconnect vpn user who cannot access a website hosted on a local server. I'm trying to use the packet tracer tool built into asdm. As my source i select inside interface and enter the ip address that is given to a vpn user. As my destination address i enter the fqdn url for the local website. Unfortunately it come up with "cannot resolve url" or somthing along those lines. 

 

Can anyone point me in the right direction and give me some tips on what i'm doing wrong please. 

 

Thanks

Labels:
0 Helpful
1 Reply 1

AViftrup
Level 1
Level 1

‎01-25-2021 10:14 AM

There's two things to point out. 

First of all if you do packet tracer you would actually have to simulate the traffic as coming from outside interface. 

In regards to your URL, it seems like you haven't defined any DNS servers on the management of the ASA?

Have you made sure the server is reachable from the Anyconnect Profile you're connecting to? Is the profile split tunneling or full tunnel?

Have you specified a DNS server for the connection profile as well? 

 

Connected to the Anyconnect client, you can also see the routes being injected into the client by going into the route section of the client. 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents