Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
766
Views
0
Helpful
1
Replies

Anyconnect access to Azure Vm through FTD

Wam83CA
Level 1
Level 1

‎05-24-2020 09:54 AM

Hello,

 

I have an urgent problem I just reimage a firepower 2120 from ASA to FTD.

My users connect with Anyconnect to a FTD 2120, and this firewall have a Site to Site VPN to an Azure tenant which host the virtual machines.

The users can access the local network but they cant reach the vm hosted in Azure.

How to allow the Any Connect SSL range to access to Azure Lan through the outside interface and the vpn ?

 

On ASA 9.13 it worked fine but on FTD 6.6 it doesn't

 

Any ideas ?

 

thank you so much for help

Labels:
0 Helpful
1 Reply 1

Mohammed al Baqari
Level 11
Level 11

‎05-25-2020 12:59 AM

It should work on FTD because same-security is allowed on FTD. Just make
sure that you have NAT Exempt and Routing set correctly to allow anyconnect
to Azure VM communication.

Ensure that your anyconnect pool is in the crypto ACL for azure.

Finally, ensure that your ACP policy allow the communication between
anyconnect pool and Azure. By default ACP checks are applied on FTD (unless
you bypass it). This is opposite to ASA where vpn-filter is allowed by
default

**** please remember to rate useful posts
0 Helpful
Customers Also Viewed These Support Documents