Solved: Re: Cisco FMC/FTD Cisco Anyconnect client but no internet access

IamSamSaul · ‎09-23-2022

Hello fellow users,

I have configured Cisco Anyconnect VPN on Cisco FTD managed by Cisco FMC. I have also configured that all the internet traffic should go through the Cisco Anyconnect VPN. I have configured the following NAT U-Turn rule:

The VPN Anyconnect client is connected but I do not have any Internet. The machines on "inside" can go to Internet using the last NAT rule.

I will be thanks if someone can have any suggestion or maybe I'm missing something.

Thanks & Regards,

Sam

MHM Cisco World · ‎09-23-2022

I Think this issue of DNS, so

In vpn client do

Ping google.com

Ping 8.8.8.8

I think 8.8.8.8 is success but dns lookup failed.

View solution in original post

Rob Ingram · ‎09-23-2022

@IamSamSaul I assume you've got a rule on the ACP to permit traffic from src: outside to dst: outside from VPN-Pool-A and VPN-Pool-B to any?

If you run packet-tracer from the CLI to simulate the traffic flow of a user in VPN-Pool-A or B to the internet, please provide the output for review.

MHM Cisco World · ‎09-23-2022

I Think this issue of DNS, so

In vpn client do

Ping google.com

Ping 8.8.8.8

I think 8.8.8.8 is success but dns lookup failed.

IamSamSaul · ‎09-24-2022

It turned out to be DNS issue on VPN clients.

Thanks