RemoteAccess VPN using anyconnect to ASA: asp-drop remote user traffic
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-28-2013 05:05 AM - edited 02-21-2020 07:16 PM
Hello Dear Collegues,
I would be very thankfull to anybody who can help me and direct me to the solution of weird issue I've got with ASA 5520 ver 8.2(5).
There is a WEBVPN enabled, and I use anyconnect for remote-access VPN connection.
The connection is ok, split-tunneling is also ok, but no traffic from remote client can reach internal hosts. When I use capture type asp-drop I can see, that all trafic from remote client get dropped by ACL configured rule (Drop-reason: (acl-drop) Flow is denied by configured rule). But I have double checked all the ACL applied to all interface, as well as split-tunnel ACL, and I can't find the way to resolve the issue.
What could be the troubleshooting approach in this case ?
Best regards,
- Labels:
-
AnyConnect

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-28-2013 05:47 AM
What tells the log about dropped packets?
Michael
Please rate all helpful posts
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-28-2013 11:30 AM
Hi Ivan,
Please post your running-config for easy trouble shooting and assessing your config so that maybe able to find a solution sooner.
Please make sure, that your internal switch have a static-route in place to push vpn-client traffic towards the ASA.
thanks
Message was edited by: Rizwan Mohamed
