Hi All,
I have the setup described below:
Scenario Question 1)
Internal network(10.x.3.209 /26) - (10.x.3.192 /26)FW(10.x.3.33 /27) - (Inside: 10.x.3.36 /27) ASA (Outside: 10.x.3.148 /28)- (10.x.3.145)FW - INTERNET RTR (Static NAT)(60.x.x.61) - ISP - Windows AnyConnect Client
Static NAT at RTR : 60.x.x.61 ==> 10.x.3.148; FW has allow TCP and UDP 443.
My AnyConnect could not connect to my 60.x.x.61.
Scenario Question 2)
But if my AnyConnect Client is on the ASA Outside segment, it is able to connect and get a VPN pool address in the Inside network (e.g. 10.x.3.37 /27):
Internal network - FW - (Inside) ASA (Outside)- Windows AnyConnect Client
However, 10.x.3.37 could not ping 10.x.3.209/26. I could ping 10.x.3.209/26 from the ASA Inside IP 10.x.3.36/27.
Can anyone please advise whether my VPN design above is workable, and what possible configurations I should implement to make both scenario questions work? Thanks.