Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1175
Views
0
Helpful
3
Replies

No local LAN access after connecting to AnyConnect

Robert Cho
Level 1
Level 1

‎04-19-2017 06:48 AM - edited ‎02-21-2020 09:15 PM

My computer is on domain site1.com.  When I use AnyConnect to VPN to site2.com, I lose local LAN access. I cannot ping via DNS name, IP, or FQDN for any server on site1.com.  The DNS suffix search list shows site1.com and site2.com, and 'local LAN access' is checked in the AnyConnect client.

I opened a case with Cisco and the assigned tech keeps insisting that the configuration of the remote VPN (at site2.com) is blocking the local LAN access. As a test, i had a colleague at another site (site3.com) VPN to site2.com using my credentials.  After he connected to AnyConnect, he was able to ping local (site3.com) servers via DNS and IP successfully.  This leads me to believe to that it's a configuration issue on the ASA at site1.com.

After I connected to the VPN for site2.com and attempted to ping local servers, Wireshark only showed that the DNS query was only going through the VPN connection and not failing back to the local DNS server.

Any help will be greatly appreciated.  Thanks.

Labels:
0 Helpful
3 Replies 3

Kuat Bakenov
Level 1
Level 1

‎04-19-2017 10:38 AM

split tunnel????

0 Helpful

Robert Cho
Level 1
Level 1
In response to Kuat Bakenov

‎04-19-2017 11:32 AM

Split tunneling is configured on the remote VPN connection to site2.com.  For instance when I connect to that VPN from home, I can still access my NAS, IP cameras, and other computers at home, and my internet connection is through my home's Comcast ISP connection.

0 Helpful

Kuat Bakenov
Level 1
Level 1
In response to Robert Cho

‎04-19-2017 06:34 PM

chek routes, check acl in config if use.chek routes on pc. you home network, and network on work use different subnet...

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents