09-14-2022 05:51 AM
Hi
We are currently using a Cisco ASA 5508, we have a Site to Site VPN connected to one of the vlan. If colleagues want to log in from home they have to use a cisco anyconnect client, but there are only 4 of them at the moment. I tried using a plain built-in windows client but never managed to get the connection to work properly with the vlaned S2S vpn. This is where I would like your help.
Thanks
09-14-2022 09:27 AM
- I wouldn't go for S2S vpn for individual clients, the purpose of S2S vpn is to connect (company) hubs. Note that you can download Anyconnect for free , an example setup tutorial on ASA is : https://www.youtube.com/watch?v=XTiUy56aHAo
M.
09-14-2022 09:54 AM
@asa-nub you mean you can connnect with anyconnect, but are unable to access resources over S2S VPN that is terminated on the 5508?
If so you'd need to configure the ASA to hairpin traffic - same-security-traffic permit intra-interface
You would also need a NAT exemption rule to ensure traffic between the AnyConnect IP pool and the S2S networks are not unintentially translated.
If you still have a problem provide your configuration and some more clarity on the issue.
09-15-2022 12:47 AM
thanks for the replies, I'll clarify a bit:
we have another company connected to S2S VPN so we can work on their systems, but we have people who only work from home, they need anyconnect VPN. If anyconnect VPN is connected then all resources are accessible on the other side, but if when use the built-in windows client then have no internet and can't access resources with the same settings as with anyconnect. Tunnel All Network is configured on S2S VPN.
09-19-2022 03:43 PM
interesting issue, do you solve it ?
09-20-2022 04:19 AM
hello, unfortunately we have not yet found a solution, although it is becoming more and more urgent. Maybe I asked the question in the wrong place, it should have been in another topic.
09-20-2022 05:19 AM
>.... although it is becoming more and more urgent
- For urgent business related issues contact TAC : https://mycase.cloudapps.cisco.com/case
M.
09-21-2022 12:03 PM
https://www.networkstraining.com/cisco-asa-vpn-hairpinning/
check this link
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide