Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Our FTD 6.6.0 RA VPN is now working.Thanks to all member of this community. The VPN AnyConnect connection is very slow. Ping from AnyConnect client to a internal server took between 9ms to 90ms with 0% load of the Firepower 2130. What would be the is...
Problem Description:We cannot get AnyConnect VPN clients to retrieve an IP address from our primary DHCP server. I face exactly the same issue here: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvo12057/?rfs=iqvred If we setup a local pool in the ...
Hi,I am using a Cisco Firepower 2130 with FTD code version 6.5.0 for RA VPN using AnyConnect Client 4.x.I configured my VPN to use a DHCP Server a.b.c.d and DHCP Scope 10.44.96.20-10.44.111.254.When I use only the VPN Pool (like DHCP scope) AnyConnec...
Hi, I setup a RA VPN using Cisco Firepower 2130 FTD 6.5.0 and AnyConnect client without split tunnels.I setup a NAT Rule and an access control policy to allow traffics. When I connect to VPN Gateway I can access to internal LAN (RFC 1918) but I cann...
Hi,I configured RA VPN (AnyConnect) using Firepower 2130 FTD and Active Directory. All used belonged to the right group can connect to VPN using AnyConnect. They can access to our ressources (RFC 1918).When I add Microsoft NPS as Radius servers to fo...
Yes sure.I will write a complete setup guide RA VPN with DHCP, Microsoft NPS for Radius and MFA.I need to santize the document to remove all company private information to avoid any information gathering.Will keep you updated.
Solution found: DHCP Scope in RA VPN in must a subnet like 10.44.96.0 and not IPv4 addresse like 10.44.96.20 like stated in Cisco FTD documentation. I hope Cisco will add theses steps in the RA VPN setup:- DHCP Scope must be the network subnet like 1...
Hi,Today I tried to connect but DHCP didn't give a lease to FTD. When I add in the NAT exempt rule from LAN network(s) to RAVPN (DHCP scope) network, and I "clear conn", yesterday it's worked.Today no DHCP lease and RA VPN cannot receive an IP addres...
Thanks RJI.I added route-lookup and DHCP is now working with RA VPN.Good advice.@Rob Ingram wrote:Hi,Append route-lookup to your NAT exempt rule from LAN network(s) to RAVPN (DHCP scope) network. You may need to "clear conn".HTH
