cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Ask the Expert- SD-WAN

202
Views
5
Helpful
2
Replies
Beginner

Cisco ASA 5505 Anyconnect | Hide Public IP

Hello all,

 

I have an ASA 5505 which is connected to my ISP router.

When i connect via Any connect, i cannot obtain the public IP of my ISP. I have configured the following SPLIT access-lists:

access-list SPLIT standard permit 10.10.1.0 255.255.255.0
access-list SPLIT standard permit 10.10.2.0 255.255.255.0
access-list SPLIT standard permit 10.10.3.0 255.255.255.0
access-list SPLIT standard permit 10.10.4.0 255.255.255.0
access-list SPLIT standard permit 10.10.5.0 255.255.255.0
access-list SPLIT standard permit 10.10.6.0 255.255.255.0
access-list SPLIT standard permit 10.10.7.0 255.255.255.0
access-list SPLIT standard permit 10.10.8.0 255.255.255.0
access-list SPLIT standard permit 192.168.1.0 255.255.255.0
access-list SPLIT standard permit any4

 

I have also uploaded the configuration file. What might be the issue?

 

Regards,

Stef

Everyone's tags (2)
1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Master

Re: Cisco ASA 5505 Anyconnect | Hide Public IP

Why use split tunnel if you want all traffic to go over VPN?

Does your upstream "ISP" know to route traffic to your VPN pool (10.10.5.0/24) back via the ASA outside interface?

2 REPLIES 2
Hall of Fame Master

Re: Cisco ASA 5505 Anyconnect | Hide Public IP

Why use split tunnel if you want all traffic to go over VPN?

Does your upstream "ISP" know to route traffic to your VPN pool (10.10.5.0/24) back via the ASA outside interface?

Highlighted
Beginner

Re: Cisco ASA 5505 Anyconnect | Hide Public IP

Thanks Marvin,

 

i removed the following:

no split-tunnel-policy tunnelspecified
no split-tunnel-network-list value SPLIT

 

and i added the following NAT:

nat (OUTSIDE,OUTSIDE) after-auto source dynamic VPN_POOL interface

 

Now i can see ISP public IP from whenever i login to Anyconnect.