Solved: anyconnect VPN anyconnect tunnel all traffic

chocolate2395777 · ‎07-05-2023

Hi all,

I have set up the AnyConnect VPN in FMC and allowed all traffic over the tunnel.

I can access any internal network but the VPN client get not connect to Google.com or Cisco.com etc.

When I try to nslookup, the VPN can resolve the IP address

But can not ping the IP address

I am not sure if is it the NAT issue, but I try the different settings are still the same issues.

Thanks

MHM Cisco World · ‎07-06-2023

you need NATing U-turn
OUTside,OUTside
check above

View solution in original post

Rob Ingram · ‎07-05-2023

@chocolate2395777 you need an Auto NAT rule (in addition to the rule above) to allow the RAVPN traffic to hairpin. With the src and dst interfaces are the "outside" interface, the src network is an object that represents the RAVPN pool and traffic is translated behind the outside interface.

MHM Cisco World · ‎07-06-2023

you need NATing U-turn
OUTside,OUTside
check above

chocolate2395777 · ‎07-06-2023

Thanks so much,

It works, I never thought that need to U-turn.