08-11-2017 01:27 PM
Used ADSM Startup Wizard and VPN Wizard to setup a 5508 X. I'm trying to get the Anyconnect SSL VPN client to work. After the setup I tried the command sysopt connection permit-vpn to enable inside access from the VPN pool. Still didn't seem to do anything. Can anyone share a sample config for what other access, nat, or routes will be needed in addition to the wizard setups?
I can ping both outside and inside from the CLI. I can connect with the Anyconnect client, but just can't reach anything on my inside network.
08-11-2017 11:51 PM
Hi,
You would need the following things:
NAT rule
Split tunnel rule if needed.
Please check this link :
https://www.petenetlive.com/KB/Article/0000943
Regards,
Aditya
Please rate helpful and mark correct answers
08-13-2017 09:41 AM
I added a few of the commands from that page that I did not have. That seemed to get split tunnel working correctly.
08-13-2017 12:11 PM
Hi,
If you have an access-list on the inside LAN interface then you need to allow outbound traffic going to Anyconnect pool.
Also under show run all
Also, try to ping the LAN interface of the ASA from the Anyconnect client and check if you are able to ping it.
Regards,
Aditya
Please rate helpful and mark correct answers
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: