08-27-2015
10:52 PM
- last edited on
02-21-2020
11:55 PM
by
cc_security_adm
Hello.
Let me know if you have any exprience or solution about this issue.
My customer wants to connect from internet to their own C892 with Cisco Anyconnect.
the setting is complete and can connect to LAN via VPN.
But they need to use global IP of C892 to connect the AWS over internet.
So I removed the Split tunnel config on ISR but it is not working yet.
I think need to add DTG config like ASA config as below.
route inside 0 0 <LAN IP > tunneled
please let me know if you have any advice for this issue.
Thank you.
please refer to the below config. some configation is skip.
Global IP : 1.1.1.1 (Temp) via PPPoE
Anyconnect VPN IP : 192.168.11.200 ~ 250/24
LAN IP : 192.168.11.254/24
-----------------------------------------------------------------------------
09-02-2015 11:44 PM
Hey Hiroyuki,
Is this your requirement:
anyconnect users====vpn====1.1.1.1router
router1.1.1.1========ipsec vpn=======AWS
do you need to be able to connect anyconnect clients to the router on the WAN interface and also setup an ipsec tunnel between router's WAN interface and the AWS?
If this is your requiremt, do you also need to be able to access the subnets behind the AWS from the anyconnect clients?
Regards
09-10-2015 05:42 AM
Hello pjain2,
I am really sorry for checking lately.
I think that they aren't using IP Sec conection for AWS.
Please refer to below.
anyconnect users====vpn====1.1.1.1router
anyconnect user global IP 1.1.1.1( using NAT ) ===== SSL VPN(?) or etc.==== AWS
Let me know if you have any solution for this issue.
Any way, very thank you for reply.
Regards
09-10-2015 10:37 AM
your requirement for the connection of anyconnect users to the AWS is not clear.
you want to nat the anyconnect pool subnet to 1.1.1.1 and then send it out through the tunnel to AWS. not sure if you are trying to build an ssl tunnel to the AWS.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide