
Default Gateway configuration for AnyConnect VPN

Hi everyone,

Need your urgent help.

 

I have configured FTD for an AnyConnect setup. FTD is integrated with a RADIUS server, which is responsible for assigning the IP, default gateway and VLAN ID to the VPN client.

When one of the users connects to AnyConnect, he gets the following attributes assigned to his machine:

IP: 10.20.194.102

Default Gateway: 10.20.128.1

VLAN: 1115.

 

My question is: where in my network should I configure the default gateway, i.e. 10.20.128.1?

I am thinking of configuring the default gateway IP (10.20.128.1) on the inside interface of the firewall (FTD). Will it be fine?

The outside interface has a public IP, which receives the connection from the remote user.

Hoping for quick help and suggestions.

 

Regards,

Sagar


David Castro F.

Hello Sagar,

It is not necessary to configure the default gateway on the ASA. It is actually not required anywhere in the ASA, since when you create a pool, that IP pool does not need to meet any of the IPs configured in the interfaces of the ASA. Now, what you would likely need is to create ACLs to allow access from the AnyConnect IP pools to the internal resources, and also identity NATs and a static route for the IP pools to the outside.

Let me know if you have any other doubts. Please qualify all of the helpful posts!

 

David Castro,