cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
631
Views
5
Helpful
2
Replies

ASA Anyconnect to internal LAN tunnel

j.a.m.e.s
Level 4
Level 4

I can see that ASA supports VXLAN and IPSec tunnels. Would there be any reason why I couldn't configure AnyConnect WebVPN on the outside and route all the traffic into a tunnel on the inside?

 

My thinking so far is:

  • All static routing with default towards the internet
  • VXLAN tunnel with single peer IP (no multicast)
  • NX-OS switches at the other end of the tunnel
  • Attach a IP SLA to the default route to healthcheck the internal tunnel remote endpoint
  • Filter list on the Anyconnect group-policy (I'd expect this to work regardless of the internal interface type)

Has anyone tried Anyconnect with an internal tunnel? I'd really appreciate any feedback on whether this would work.

 

All the best

James.

 

 

2 Replies 2

harmesh88
Level 1
Level 1

HI,

 

Actually need more specific requirement .

 

Can you please update details ?

j.a.m.e.s
Level 4
Level 4

Hi Harmesh

It's a general question about whether Anyconnect - VXLAN tunnel is supported on ASA and if anyone has tried it?

James.