NAT for Anyconnect

Justinas1 · ‎12-09-2020

So my Anyconnect wizard ended up with errors thus not setting NAT exceptions.

And I'm having hard time doing it myself.

Situation:

Local pool: 192.168.1.5-192.168.1.100 255.255.255.0

Anyconnect pool: 192.168.2.1 - 192.168.2.51 255.255.255.0

Goal: Anyconnect clients to be able to access LAN IPs and internet.

Trying to this, but no success:

[ERROR] nat (inside,outside) 1 source static NETWORK_OBJ_192.168.1.0_24 NETWORK_OBJ_192.168.1.0_24 destination static NETWORK_OBJ_192.168.2.0_24 NETWORK_OBJ_192.168.2.0_24 no-proxy-arp

nat (inside,outside) 1 source static NETWORK_OBJ_192.168.1.0_24 NETWORK_OBJ_192. ^168.1.0_24 destination static NETWORK_OBJ_192.168.2.0_24 NETWORK_OBJ_192.168.2.0
_24 no-proxy-arp

ERROR: % Invalid input detected at '^' marker.

MHM Cisco World · ‎12-09-2020

nat (inside,outside) 1 source static NETWORK_OBJ_192.168.1.0_24 NETWORK_OBJ_192.168.1.0_24 destination static NETWORK_OBJ_192.168.2.0_24 NETWORK_OBJ_192.168.2.0_24 no-proxy-arp

change to

nat (inside,outside) 1 source static NETWORK_OBJ_192.168.2.0_24 NETWORK_OBJ_192.168.2.0_24 destination static NETWORK_OBJ_192.168.1.0_24 NETWORK_OBJ_192.168.1.0_24 no-proxy-arp

try this change

Justinas1 · ‎12-09-2020

No go:

nat (inside,outside) source static NETWORK_OBJ_192.168.2.0_24 NETWORK_OBJ_192.16 ^8.2.0_24 destination static NETWORK_OBJ_192.168.1.0_24 NETWORK_OBJ_192.168.1.0 _24 no-proxy-arp

ERROR: % Invalid input detected at '^' marker.

MHM Cisco World · ‎12-09-2020

ciscoasa(config-network-object)#

or
ciscoasa(config)#

where you config this NAT?

this is global config with ciscoasa(config)# only

Justinas1 · ‎12-21-2020

Global config.

MHM Cisco World · ‎12-21-2020

Name is different

16 8 not same 168,

there is must no space between number,

check keyboard it sometimes add space before letter.