
Anyconnect remote access

Waheed Eladawy
Level 1

Using AnyConnect as remote access on ASA for outside, and another FW for LAN.

How to use remote access to reach from LAN?

I configured a VPN pool range to assign addresses in VPN profiles, but traffic is stuck at the ASA and is not going to the LAN FW.

* Route from WAN to LAN exists

Any ideas? I would appreciate it.

5 Replies

@Waheed Eladawy Do you have a NAT exemption rule, to ensure traffic is not unintentionally translated? Example:

 

nat (inside,outside) source static LAN LAN destination static RAVPN-POOL RAVPN-POOL

Yes, I have created it like this:

nat (LAN_FW_int,outside) source static LAN_Adresses des static VPN_Addresse_Pool 

Note: I use a VPN pool subnet that does not exist on the LAN FW. I depend on existing routing to flow traffic to the LAN FW, and then policy will apply on the VPN pool address.

 

Thanks for the reply.

@Waheed Eladawy provide your configuration for review.

Run packet-tracer from the CLI to simulate the traffic flow, provide the output for review.

It shows me that traffic is denied by access list deny (implicit), but all traffic from/to it is allowed.