AnyConnect VPN Clients IP Address access rules

pt_wang · ‎07-02-2012

I setup ASA5540 for SSL-VPN (clientless) works fine.

But I try to use Client (AnyConnect) to access internal resources, it is failed. It is stiil initiate sessions from remote client IP.

I need to initiate session from client IP assigned by ASA5540 box (same with Cisco VPN client connect to Cat65 SVC module).

How I setup it?

Jennifer Halim · ‎07-02-2012

Why do you need to assign the same IP pool on ASA as well as SVC module? if they are in the same network, then the routing might not work correctly as the internal resources would not know whether to send the traffic towards the ASA or the SVC module if both clients are assigned the same ip pool subnet.

pt_wang · ‎07-04-2012

I use Cisco VPN client (remote access VPN)to connect ASA.

There is a configuration setup for group authentication/w password on Cisco VPN client.I do not know to setup on ASA to match this?

Second, remote client connect ASA, I should get the client IP address which I setup on ASA.

It should use this IP to connect ASA internal net,but I failed.( Both Cisco VPN and AnyConnect)

How I setup this ( SSL VPN on this ASA works).

Jennifer Halim · ‎07-04-2012

here is a sample configuration for Cisco VPN Client (IPSec):

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008060f25c.shtml

let us know if that works.