FPR1010 AnyConnect no Internet

Moamen Elsayed · ‎02-11-2020

when i Connect using anyconnect i can not access to internet, am using FPR1010

How can i access to the internet ?

Muhammad Awais Khan · ‎02-11-2020

Hi,

Do you want internet to work through Anyconnect VPN connection or directly without VPN ?

If directly then in ipv4 split tunnel policy, add the interesting traffic only. Right now with your current configuration, all the VPN traffic is comming to FTD appliance.

Moamen Elsayed · ‎02-11-2020

i need to access internet through anyconnect

Rob Ingram · ‎02-11-2020

Hi,

What software are you running on this hardware ASA or FTD?

If running ASA you need to add the command "same-security-traffic permit intra-interface" and define a NAT rule for the RAVPN IP Pool network with the source interface as the outside interface name. E.g.

object network RAVPN
 nat (OUTSIDE,OUTSIDE) dynamic interface

If running FTD you just need the NAT rule.

HTH

Moamen Elsayed · ‎02-11-2020

i use FDM ( new FirePower ), Dflt NAT rule already applied

Rob Ingram · ‎02-11-2020

I assume the NAT rule you refer to is the same NAT rule that provides internet access for users on the inside of the network? That wouldn't work as the source interface would probably be set to the inside interface. You would need to create an additional NAT rule as per my example above (although the syntax above is for ASA, it's the same principle).

Moamen Elsayed · ‎02-11-2020

i applied NAT rule as you descried but no access also

Moamen Elsayed · ‎02-11-2020

i applied split tunneling as show in attached but i can not access internet.