Anyconnect Multiple VLAN

Dave Robinson
Level 1

Hi All,

 

We have an existing Anyconnect VPN connection which works absolutely fine to the specified subnet it was originally intended for. For logging purposes it's 192.168.10.1.0/24. I am trying to grant additional access into a separate VLAN, 192.168.210.0/24. I have added a route and set up the required ACL in what I thought is the correct way.

 

From testing, I can see the routes when I do a route print from my local PC whilst connected, and I can see ping traffic hitting the firewall from the ASA logs. Packet Tracer also shows the traffic is permitted to my destination.

 

The end device I am performing tests to is a Windows server, 192.168.210.16; however, the gateway for this is a layer 3 switch which then connects into the ASA.

 

The firewall is a 5525 and supports quite a large network with many VLANs, so I may have missed something.

ASA: 9.8

ASDM: 7.8

 

Please let me know if you require any information to help; I will be happy to provide this.

 

Thanks,

David

1 Reply

Mike.Cifelli
VIP Alumni
If the ASA packet tracer tool shows that the ASA will permit the traffic to your destination, I would look at your L3 switch. Are there any ACLs on the SVI? How do you route to the ASA, is it a default route pointing up? Or are you potentially missing the route back?