Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3654
Views
0
Helpful
3
Replies

General Failure pinging host name while on VPN

aknox
Level 1
Level 1

‎05-25-2017 09:54 AM

Hello,

I'm running into a bit of an odd problem. One of my users who is primarily a remote worker cannot use one of his primary applications while connected to our ASA VPN using the AnyConnect client.

Apparently the application needs to be able to ping itself / resolve the local host name. In house it works fine. While he's on the VPN functionality breaks. In doing some testing, I've found that while connected to the VPN pinging the local host name / IP address results in a "General failure." message. In fact, I get this message when trying to ping any IP in the range handed out by the ASA. 

I'm fairly new at the company and my experience with ASA's / VPN's in general is fairly limited.

Any help would be greatly appreciated.

2 people had this problem
Labels:
0 Helpful
3 Replies 3

Rahul Govindan
VIP Alumni
VIP Alumni

‎05-25-2017 07:22 PM

Ping functionality itself should not be broken with Anyconnect VPN, unless you have some sort of filter applied for your VPN users. PC hostname resolution might not be possible if you assign ip addresses via the ASA local ip address pool - your dns/wins server has no information about this.

Are you able to ping a VPN client user from the ASA inside interface?

0 Helpful

aknox
Level 1
Level 1
In response to Rahul Govindan

‎06-02-2017 08:58 AM

I am able to ping the IP of a vpn system using the ASA inside interface but not the host name. Is it possible to set up a client profile / group policy so it's using an address pool that the dns/wins server has access to?

0 Helpful

PeterLMSD
Level 1
Level 1

‎07-10-2023 08:17 PM - edited ‎07-11-2023 01:24 AM

Hi, just a heads up I posted a lengthy thread.

https://community.cisco.com/t5/vpn/general-failure-when-pinging-hostname-while-on-vpn/m-p/4871371

If you were trying on a newer model HP, the issue I found was built in wifi and ethernet / thunderbolt adapters caused me to get a general failure when trying to do a "ping *hostname* -4" making sure it was IPv4.

But if I used an external USB-A Ethernet (StarTech USB31000S) or Wireless (TP-Link TL-WN821N) adapter then it did work.

Working with HP but I do wonder if other hardware OEMs have the same problem with AnyConnect.

0 Helpful
Customers Also Viewed These Support Documents