Solved: Re: Can't access LAN Subnet - Anyconnect VPN configuration on ASA 5506

NathanBoothby · ‎10-30-2019

Hi all,

I am still new to Cisco and having a bit of an issue.

I am trying to set up a Anyconnect VPN and unable to get the anyconnect clients to talk to LAN. I have been reading previous posts and so far have been unsuccessful. I believe I have correctly configured as per reading the previous posts.

So my main question is, do I need any other equipment on the inside to get the two subnets talking or is it just a config issue? At the moment as this is a new network we only have a dumb switch between asa Inside interface and desktop PC's.

LAN subnet 10.1.1.0

VPN Clients 10.1.10.0

I'll attach the config.

Any help would be much appriciated.

Kind Regards,

Nathan

NathanBoothby · ‎10-30-2019

Hello,

Thank you for your response, I ran the command as requested and understood the fail message (So I think) I then added these access rules:

access-list inside_access_in_1 line 1 extended permit ip object LAN object VPNPOOL
access-list outside_access_in line 1 extended permit ip object VPNPOOL object LAN

I then had success both ways on packet-tracer.

Added the fail and success from 10.5 to 1.10

Still not getting ping responses

View solution in original post

Rob Ingram · ‎10-30-2019

Hi,
Can you run packet-tracer from the CLI and upload the output.
e.g- "packet-tracer input outside tcp 10.1.10.5 3000 10.1.1.10 80"

NathanBoothby · ‎10-30-2019