AnyConnect access to Azure VM through FTD

Wam83CA
Level 1

Hello,

I have an urgent problem: I just reimaged a Firepower 2120 from ASA to FTD.

My users connect with AnyConnect to an FTD 2120, and this firewall has a site-to-site VPN to an Azure tenant which hosts the virtual machines.

The users can access the local network but they can't reach the VM hosted in Azure.

How can I allow the AnyConnect SSL range to access the Azure LAN through the outside interface and the VPN?

On ASA 9.13 it worked fine, but on FTD 6.6 it doesn't.

Any ideas?

Thank you so much for your help.

1 Reply

It should work on FTD because same-security is allowed on FTD. Just make sure that you have NAT Exempt and Routing set correctly to allow AnyConnect to Azure VM communication.

Ensure that your AnyConnect pool is in the crypto ACL for Azure.

Finally, ensure that your ACP policy allows the communication between the AnyConnect pool and Azure. By default, ACP checks are applied on FTD (unless you bypass it). This is opposite to ASA, where vpn-filter is allowed by default.

**** please remember to rate useful posts
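
As an added example (not part of either post), a Python check for the crypto ACL point in the reply above: given ASA-style `access-list` lines as they appear in `show running-config`, it reports whether a `permit ip` entry covers the AnyConnect pool toward the Azure range. The ACL name, address ranges and config lines are constructed; entries that reference named objects are skipped, and NAT exempt, routing and ACP are not checked here.

```python
import ipaddress

def take_addr(tokens):
    """Consume one ASA-style address spec; return (network or None, rest)."""
    if not tokens:
        return None, []
    head = tokens[0]
    if head in ("any", "any4"):
        return ipaddress.ip_network("0.0.0.0/0"), tokens[1:]
    if head in ("object", "object-group"):
        return None, tokens[2:]  # named object: not resolvable from this line
    if head == "host" and len(tokens) >= 2:
        return ipaddress.ip_network(tokens[1] + "/32"), tokens[2:]
    if len(tokens) >= 2:  # "<network> <netmask>" form
        return ipaddress.ip_network(f"{head}/{tokens[1]}", strict=False), tokens[2:]
    return None, []

def acl_covers(config_lines, acl_name, src_cidr, dst_cidr):
    """True if one 'permit ip' entry of acl_name covers all of src -> dst."""
    src = ipaddress.ip_network(src_cidr)
    dst = ipaddress.ip_network(dst_cidr)
    for line in config_lines:
        t = line.split()
        if t[:5] != ["access-list", acl_name, "extended", "permit", "ip"]:
            continue
        try:
            ace_src, rest = take_addr(t[5:])
            ace_dst, _ = take_addr(rest)
        except ValueError:
            continue  # entry uses syntax this sketch does not parse
        if ace_src is None or ace_dst is None:
            continue
        if src.subnet_of(ace_src) and dst.subnet_of(ace_dst):
            return True
    return False

# Constructed sample: the crypto ACL lists the local LAN but not the VPN pool.
SAMPLE_CONFIG = [
    "access-list CRYPTO_AZURE extended permit ip 192.168.10.0 255.255.255.0 10.50.0.0 255.255.0.0",
    "access-list OTHER extended permit ip any any",
]
LOCAL_LAN = "192.168.10.0/24"        # constructed
ANYCONNECT_POOL = "192.168.99.0/24"  # constructed
AZURE_VNET = "10.50.0.0/16"          # constructed

if __name__ == "__main__":
    for name, net in (("local LAN", LOCAL_LAN), ("AnyConnect pool", ANYCONNECT_POOL)):
        ok = acl_covers(SAMPLE_CONFIG, "CRYPTO_AZURE", net, AZURE_VNET)
        print(f"{name} -> Azure in crypto ACL: {ok}")
```
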