Solved: Can VPN run on the first IP address of provider network only?

mcgiga · ‎10-08-2024

Hi,

provider 1 provides a /29 subnet with 5 useable IP addresses. NAT rule is in place so all five IP addresses can be used by the ASA.

But the question is, is only the first useable ip address of the /29 subnet available for anyconnect? I am asking because I can't establish a connection and the ssl logon website is not available i. e. on the second ip address. Only on the first IP address anyconnect can connect and the vpn logon website is running.

Rob Ingram · ‎10-08-2024

@mcgiga you can only establish a VPN (anyconnect) to the IP address of the ASA's physical IP address. The other IP addresses in the /29 subnet can be used by the ASA as NAT IP addresses.

View solution in original post

Rob Ingram · ‎10-08-2024

@mcgiga you can only establish a VPN (anyconnect) to the IP address of the ASA's physical IP address. The other IP addresses in the /29 subnet can be used by the ASA as NAT IP addresses.

mcgiga · ‎10-08-2024

Thank you for your reply. Right after posting my question I have found an older thread here where the question was asked. Haven't found it before

MHM Cisco World · ‎10-08-2024

You meaning only one anyconnect can be connect to asa ?

If yes check the vpn limit

Share

Show vpn sessiondb anyconnect

MHM