Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1046
Views
0
Helpful
2
Replies

SSL VPN Issue

dhoppest
Level 1
Level 1

‎02-02-2012 09:04 PM

I am trying to configure Anyconnect SSL VPN on my ASA5505 at home. I have the connection up and able to come in and go back out my Outside interface and browse the web, but not able to access any internal resources. I am not very familiar with the ASA's configuration. Below is how my network is setup and the ASA config. Any advice?

                                                                                                  ---- (Home VLAN - 192.168.10.0/24)

                                                                                                  |

(AnyConnect - 192.168.205.200/24) ---- Internet ---- (ASA)-----

                                                                                                  |

                                                                                                  ---- (Lab VLAN - 192.168.0.0/24) --- 192.168.0.19---(Lab Router) -- 10.1.5.0/24

I have EIGRP running on the ASA and Lab Router. I can see the Anyconnect client's IP address of 192.168.205.200 in the Lab router routing table, but not able to ping it from anywhere and the Anyconnect client can not reach any devices in the 10.1.5.0 network.

Thanks in advance for any help.

David

Labels:
121774-asaconfig.txt.zip
0 Helpful
2 Replies 2

Jeff Van Houten
Level 5
Level 5

‎02-04-2012 06:15 AM

Is it possible the 10.1.5 network is not published in the "routes to be tunneled" section of the Asa config?

Sent from Cisco Technical Support iPad App

0 Helpful

Julio Carvajal
VIP Alumni
VIP Alumni

‎02-04-2012 01:34 PM

Hello,

I would change this nat statement:

NO nat (inside,any) source static any any destination static RAVPN RAVPN

nat (inside,outside) source static any any destination static RAVPN RAVPNS

You also need to add the network 10.1.5.0 into the eigrp process 10.

Give it a try and see how it goes!!

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
Customers Also Viewed These Support Documents