Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1322
Views
0
Helpful
3
Replies

problem with Cisco anyconnect vpn client

ichwohnein
Level 1
Level 1

‎05-08-2011 11:38 AM - edited ‎02-21-2020 05:19 PM

My university provides a vpn client (Cisco anyconnect vpn client) for  its members to be able to access restricted pages from off-campus.


I downloaded it and I can connect successfully by entering my username  and password. But when I check my ip address online it just shows my  home ip address. It should show the university ip address when I am connected. Isn't that right?  I cannot access any restricted university pages.


So in summary, I can connect just fine but it does not seem to be doing anything for me.


What could be wrong??

Labels:
0 Helpful
3 Replies 3

Simon Marley
Level 1
Level 1

‎05-08-2011 06:53 PM

Hi Jerry,

If you open the AnyConnect client from the try icon you should have an advanced link. Open this and select the statistics tab this should show you if you are indeed connected and what IP address has been assigned to you.

Hope this helps.

Simon

0 Helpful

ichwohnein
Level 1
Level 1
In response to Simon Marley

‎05-09-2011 03:02 AM

Thanks for your answer Simon.

I look at the statistics. I am indeed connected. The time in the connection duration keeps ticking away.

There is a Client Address and a Server Address listed. I did a reverse dns lookup on these ip addresses and they turn out to be my university's ip. But when I do a 'what's my ip' search in google (using firefox or safari), it just shows my home ip. And I cannot access any restricted websites.

Another strange thing in the statistics is that whenever I open a new webpage, the Bytes Received and Bytes Sent changes. Yet I am still on my home ip?

0 Helpful

Simon Marley
Level 1
Level 1
In response to ichwohnein

‎05-10-2011 04:36 PM

Hey,

Well doing a whatmyip address and having it return the address your ISP has assigned you tells me that they are likely running a split tunnel VPN, meaning they are only routing traffic for specific university private addresses through the VPN and leaving everything else alone.

This is pretty standard practice.

You can confirm this in that advanced window under the connection info it should read split Include (see attached).

If you attempt a traceroute to one of the domains which is university specific does it complete? (whilst connected to the VPN).

Does it also resolve DNS to the correct private IP address?

There are a few things which could be causing this to fail which could be on the ASA - like if they have the split-DNS settings set connectly or they could be on your end if you have restrictive desktop firewall policies in place (unlikely though).

I'd take a look in the Route Details tab of the VPN as well and see if the IP address you get back from the lookup when connected is listed in the secured routes list.

If its not there is your problem.

If it is i'd be asking the Uni's IT support for assistance.

Cheers,

Simon

Preview file
14 KB
0 Helpful
Customers Also Viewed These Support Documents