Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4983
Views
0
Helpful
2
Replies

Cisco Anyconnect clients routing routes

Go to solution
ibarra083
Level 1
Level 1

‎12-19-2016 04:42 PM - edited ‎02-21-2020 09:06 PM

Hi,

I have a doubt about the behaivor of the Cisco ASA on the Anyconnect clients routing.

I can see that every time a Anyconnect client establishes a VPN connection with the ASA, a static route entry is created in the routing table of the ASA.

What ASA characteristic creates this static routes?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Richard Burts
Hall of Fame
Hall of Fame

‎12-19-2016 06:13 PM

Your question is not clear to me. Are you asking about the static route that is added to the routing table of the ASA for the IP address assigned to the client for this session? Or are you asking about some other static route?

When the AnyConnect client establishes a VPN session it is assigned an IP address from the configured pool. The ASA creates an entry in the routing table that associates the assigned pool address with the peer address of the client. The ASA uses this to be able to know how to send traffic to the VPN user to the correct remote IP address.

So the ASA characteristic is the effective use of the pool of IP addresses used for AnyConnect.

HTH

Rick

HTH

Rick

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Richard Burts
Hall of Fame
Hall of Fame

‎12-19-2016 06:13 PM

Your question is not clear to me. Are you asking about the static route that is added to the routing table of the ASA for the IP address assigned to the client for this session? Or are you asking about some other static route?

When the AnyConnect client establishes a VPN session it is assigned an IP address from the configured pool. The ASA creates an entry in the routing table that associates the assigned pool address with the peer address of the client. The ASA uses this to be able to know how to send traffic to the VPN user to the correct remote IP address.

So the ASA characteristic is the effective use of the pool of IP addresses used for AnyConnect.

HTH

Rick

HTH

Rick
0 Helpful

Go to solution
ibarra083
Level 1
Level 1
In response to Richard Burts

‎12-20-2016 09:40 AM

Hi Richard,

Thanks for the answer, that's what I wanted to know.

I was not sure about why a new static route with the Anyconnect client assigned IP address was created every time a new VPN session is established.

0 Helpful
Customers Also Viewed These Support Documents