Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
657
Views
5
Helpful
7
Replies

Cisco ASA 5508 VPN problem with anyconnect

asa-nub
Level 1
Level 1

‎09-14-2022 05:51 AM

Hi
We are currently using a Cisco ASA 5508, we have a Site to Site VPN connected to one of the vlan. If colleagues want to log in from home they have to use a cisco anyconnect client, but there are only 4 of them at the moment. I tried using a plain built-in windows client but never managed to get the connection to work properly with the vlaned S2S vpn. This is where I would like your help.
Thanks

Labels:
0 Helpful
7 Replies 7

marce1000
VIP
VIP

‎09-14-2022 09:27 AM

 

 - I wouldn't go for S2S vpn for individual clients, the purpose of S2S vpn is to connect (company) hubs. Note that you can download Anyconnect for free , an example setup tutorial on ASA is : https://www.youtube.com/watch?v=XTiUy56aHAo

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful

Rob Ingram
VIP
VIP

‎09-14-2022 09:54 AM

@asa-nub you mean you can connnect with anyconnect, but are unable to access resources over S2S VPN that is terminated on the 5508?

If so you'd need to configure the ASA to hairpin traffic - same-security-traffic permit intra-interface
You would also need a NAT exemption rule to ensure traffic between the AnyConnect IP pool and the S2S networks are not unintentially translated.

If you still have a problem provide your configuration and some more clarity on the issue.

0 Helpful

asa-nub
Level 1
Level 1

‎09-15-2022 12:47 AM

thanks for the replies, I'll clarify a bit:
we have another company connected to S2S VPN so we can work on their systems, but we have people who only work from home, they need anyconnect VPN. If anyconnect VPN is connected then all resources are accessible on the other side, but if when use the built-in windows client then have no internet and can't access resources with the same settings as with anyconnect. Tunnel All Network is configured on S2S VPN.

 

MHM Cisco World
VIP
VIP
In response to asa-nub

‎09-19-2022 03:43 PM

interesting issue, do you solve it ?

0 Helpful

asa-nub
Level 1
Level 1

‎09-20-2022 04:19 AM

hello, unfortunately we have not yet found a solution, although it is becoming more and more urgent. Maybe I asked the question in the wrong place, it should have been in another topic.

0 Helpful

marce1000
VIP
VIP
In response to asa-nub

‎09-20-2022 05:19 AM

 

            >.... although it is becoming more and more urgent

  - For urgent business related issues contact TAChttps://mycase.cloudapps.cisco.com/case

 M.

 



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful
Customers Also Viewed These Support Documents