- Cisco Community
- Technology and Support
- Security
- VPN
- Unable to access internal network while connected to AnyConnect
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Unable to access internal network while connected to AnyConnect
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-01-2024 08:16 AM
Just setup a new ASAv with Split Tunnel and unable to access any VM's on the networks in the spilt tunnel while connected with AnyConnect. If I login to the ASAv I am able to ping the internal IP's on VMs. I can't seem to figure out where it's configured wrong or what I am missing.
Support-ASA(config)# ping 10.100.1.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.100.1.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 70/72/80 ms
Support-ASA(config)# ping 10.230.1.11
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.230.1.11, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 60/66/70 ms
Support-ASA(config)#
Here is the config
ASA Version 9.20(2)10
!
hostname Support-ASA
enable password ***** pbkdf2
service-module 0 keepalive-timeout 4
service-module 0 keepalive-counter 6
!
license smart
feature tier standard
throughput level 1G
names
no mac-address auto
ip local pool VPN-Pool 10.5.1.0-10.5.1.255 mask 255.255.255.0
!
interface GigabitEthernet0/0
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/1
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/2
shutdown
no nameif
no security-level
no ip address
!
interface Management0/0
no management-only
nameif Outside
security-level 0
ip address dhcp setroute
!
ftp mode passive
clock timezone CST -6
clock summer-time CDT recurring
dns domain-lookup Outside
dns server-group DefaultDNS
name-server 168.63.129.16
no object-group-search access-control
object network VPN-Pool
subnet 10.5.1.0 255.255.255.0
object network inside_network
subnet 10.20.1.0 255.255.255.0
object-group network DM_INLINE_NETWORK_1
network-object host 10.100.1.8
network-object host 10.100.1.9
access-group Outside_access_in in interface Outside
access-list SPLIT_TUNNEL standard permit 10.70.4.0 255.255.255.0
access-list SPLIT_TUNNEL standard permit 10.80.4.0 255.255.255.0
access-list SPLIT_TUNNEL standard permit 10.40.4.0 255.255.255.0
access-list SPLIT_TUNNEL standard permit 10.90.4.0 255.255.255.0
access-list SPLIT_TUNNEL standard permit 10.60.4.0 255.255.255.0
access-list SPLIT_TUNNEL standard permit host 10.100.1.8
access-list SPLIT_TUNNEL standard permit host 10.100.1.9
access-list SPLIT_TUNNEL standard permit 10.230.0.0 255.255.0.0
access-list Outside_access_in extended permit ip any object-group DM_INLINE_NETWORK_1
access-list Outside_access_in extended permit ip any any
access-list Outside_access_in extended permit ip any 10.230.0.0 255.255.0.0
access-list AnyConnect_Client_Local_Print extended deny ip any4 any4
access-list AnyConnect_Client_Local_Print extended permit tcp any4 any4 eq lpd
access-list AnyConnect_Client_Local_Print remark IPP: Internet Printing Protocol
access-list AnyConnect_Client_Local_Print extended permit tcp any4 any4 eq 631
access-list AnyConnect_Client_Local_Print remark Windows' printing port
access-list AnyConnect_Client_Local_Print extended permit tcp any4 any4 eq 9100
access-list AnyConnect_Client_Local_Print remark mDNS: multicast DNS protocol
access-list AnyConnect_Client_Local_Print extended permit udp any4 host 224.0.0.251 eq 5353
access-list AnyConnect_Client_Local_Print remark LLMNR: Link Local Multicast Name Resolution protocol
access-list AnyConnect_Client_Local_Print extended permit udp any4 host 224.0.0.252 eq 5355
access-list AnyConnect_Client_Local_Print remark TCP/NetBIOS protocol
access-list AnyConnect_Client_Local_Print extended permit tcp any4 any4 eq 137
access-list AnyConnect_Client_Local_Print extended permit udp any4 any4 eq netbios-ns
pager lines 23
logging enable
logging asdm informational
mtu Outside 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
arp rate-limit 16384
nat (any,any) source static inside_network inside_network destination static inside_network inside_network no-proxy-arp
nat (any,any) source static VPN-Pool VPN-Pool destination static VPN-Pool VPN-Pool no-proxy-arp
!
object network VPN-Pool
nat (any,Outside) dynamic interface
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 sctp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
timeout conn-holddown 0:00:15
timeout igp stale-route 0:01:10
user-identity default-domain LOCAL
aaa authentication ssh console LOCAL
aaa authentication login-history
http server enable
http 10.10.10.10 255.255.255.255 Outside
no snmp-server location
no snmp-server contact
crypto ipsec security-association pmtu-aging infinite
crypto ca trustpoint _SmartCallHome_ServerCA
no validation-usage
crl configure
crypto ca trustpoint _SmartCallHome_ServerCA2
no validation-usage
crl configure
crypto ca trustpoint ASDM_imiscloud
keypair ASDM_imiscloud
crl configure
crypto ca trustpoint ASDM_imiscloud-1
crl configure
crypto ca trustpoint ASI-Support
enrollment terminal
no ca-check
crl configure
crypto ca trustpool policy
auto-import
crypto ca certificate chain _SmartCallHome_ServerCA
certificate ca 0a0142800000014523c844b500000002
30820560 30820348 a0030201 0202100a 01428000 00014523 c844b500 00000230
0d06092a 864886f7 0d01010b 0500304a 310b3009 06035504 06130255 53311230
10060355 040a1309 4964656e 54727573 74312730 25060355 0403131e 4964656e
54727573 7420436f 6d6d6572 6369616c 20526f6f 74204341 2031301e 170d3134
30313136 31383132 32335a17 0d333430 31313631 38313232 335a304a 310b3009
06035504 06130255 53311230 10060355 040a1309 4964656e 54727573 74312730
25060355 0403131e 4964656e 54727573 7420436f 6d6d6572 6369616c 20526f6f
74204341 20313082 0222300d 06092a86 4886f70d 01010105 00038202 0f003082
020a0282 020100a7 5019de3f 993dd433 46f16f51 6182b2a9 4f8f6789 5d84d953
dd0c28d9 d7f0ffae 95437299 f9b55d7c 8ac142e1 315074d1 810d7ccd 9b21ab43
e2acad5e 866ef309 8a1f5a32 bda2eb94 f9e85c0a ecff98d2 af71b3b4 539f4e87
ef92bcbd ec4f3230 884b175e 57c453c2 f602978d d9622bbf 241f628d dfc3b829
4b49783c 93608822 fc99da36 c8c2a2d4 2c540067 356e73bf 0258f0a4 dde5b0a2
267acae0 36a51916 f5fdb7ef ae3f40f5 6d5a04fd ce34ca24 dc74231b 5d331312
5dc40125 f630dd02 5d9fe0d5 47bdb4eb 1ba1bb49 49d89f5b 02f38ae4 2490e462
4f4fc1af 8b0e7417 a8d17288 6a7a0149 ccb44679 c617b1da 981e0759 fa752185
65dd9056 cefbaba5 609dc49d f952b08b bd87f98f 2b230a23 763bf733 e1c900f3
69f94ba2 e04ebc7e 93398407 f744707e fe075ae5 b1acd118 ccf235e5 494908ca
56c93dfb 0f187d8b 3bc113c2 4d8fc94f 0e37e91f a10e6adf 622ecb35 0651792c
c82538f4 fa4ba789 5c9cd2e3 0d39864a 747cd559 87c23f4e 0c5c52f4 3df75282
f1eaa3ac fd49341a 28f34188 3a13eee8 deff991d 5fbacbe8 1ef2b950 60c031d3
73e5efbe a0ed330b 74be2020 c4676cf0 08037a55 807f464e 96a7f41e 3ee1f6d8
09e13364 2b63d732 5e9ff9c0 7b0f786f 97bc939a f99c1290 787a8087 15d77274
9c557478 b1bae16e 7004ba4f a0ba68c3 7bff31f0 733d3d94 2ab10b41 0ea0fe4d
88656b79 33b4d702 03010001 a3423040 300e0603 551d0f01 01ff0404 03020106
300f0603 551d1301 01ff0405 30030101 ff301d06 03551d0e 04160414 ed4419c0
d3f0068b eea47bbe 42e72654 c88e3676 300d0609 2a864886 f70d0101 0b050003
82020100 0dae9032 f6a64b7c 44761961 1e2728cd 5e54ef25 bce30890 f929d7ae
6808e194 0058ef2e 2e7e5352 8cb65c07 ea88ba99 8b5094d7 8280df61 090093ad
0d14e6ce c1f23794 78b05f9c b3a273b8 8f059338 cd8d3eb0 b8fbc0cf b1f2ec2d
2d1bccec aa9ab3aa 60821b2d 3bc3843d 578a961e 9c75b8d3 30cd6008 8390d38e
54f14d66 c05d7403 40a3ee85 7ec21f77 9c06e8c1 a7185d52 95edc9dd 259e6dfa
a9eda33a 34d0597b daed50f3 35bfedeb 144d31c7 60f4daf1 879ce248 e2c6c537
fb0610fa 75596631 4729da76 9a1ce982 aeef9ab9 51f78823 9a699562 3ce55580
36d75402 fff1b95d ced4236f d845844a 5b65ef89 0cdd14a7 20cb18a5 25b40df9
01f0a2d2 f400c874 8ea12a48 8e65db13 c4e22517 7debbe87 5b172054 51934a53
030bec5d ca33ed62 fd45c72f 5bdc58a0 8039e6fa d7fe1314 a6ed3d94 4a4274d4
c3775973 cd8f46be 5538effa e89132ea 97580422 de38c3cc bc6dc933 3a6a0a69
3fa0c8ea 728f8c63 8623bd6d 3c969e95 e0494caa a2b92a1b 9c368178 edc3e846
e2265944 751ed975 8951cd10 849d6160 cb5df997 224d8e98 e6e37ff6 5bbbaecd
ca4a816b 5e0bf351 e1742be9 7e27a7d9 99494ef8 a580db25 0f1c6362 8ac93367
6b3c1083 c6addea8 cd168e8d f0073771 9ff2abfc 41f5c18b ec00375d 09e54e80
effab15c 3806a51b 4ae1dc38 2d3cdcab 1f901ad5 4a9ceed1 706cccee f457f818
ba846e87
quit
crypto ca certificate chain _SmartCallHome_ServerCA2
certificate ca 0509
308205b7 3082039f a0030201 02020205 09300d06 092a8648 86f70d01 01050500
3045310b 30090603 55040613 02424d31 19301706 0355040a 13105175 6f566164
6973204c 696d6974 6564311b 30190603 55040313 1251756f 56616469 7320526f
6f742043 41203230 1e170d30 36313132 34313832 3730305a 170d3331 31313234
31383233 33335a30 45310b30 09060355 04061302 424d3119 30170603 55040a13
1051756f 56616469 73204c69 6d697465 64311b30 19060355 04031312 51756f56
61646973 20526f6f 74204341 20323082 0222300d 06092a86 4886f70d 01010105
00038202 0f003082 020a0282 0201009a 18ca4b94 0d002daf 03298af0 0f81c8ae
4c19851d 089fab29 4485f32f 81ad321e 9046bfa3 86261a1e fe7e1c18 3a5c9c60
172a3a74 8333307d 615411cb edabe0e6 d2a27ef5 6b6f18b7 0a0b2dfd e93eef0a
c6b310e9 dcc24617 f85dfda4 daff9e49 5a9ce633 e62496f7 3fba5b2b 1c7a35c2
d667feab 66508b6d 28602bef d760c3c7 93bc8d36 91f37ff8 db1113c4 9c7776c1
aeb7026a 817aa945 83e205e6 b956c194 378f4871 6322ec17 6507958a 4bdf8fc6
5a0ae5b0 e35f5e6b 11ab0cf9 85eb44e9 f80473f2 e9fe5c98 8cf573af 6bb47ecd
d45c022b 4c39e1b2 95952d42 87d7d5b3 9043b76c 13f1dedd f6c4f889 3fd175f5
92c391d5 8a88d090 ecdc6dde 89c26571 968b0d03 fd9cbf5b 16ac92db eafe797c
adebaff7 16cbdbcd 252be51f fb9a9fe2 51cc3a53 0c48e60e bdc9b476 0652e611
13857263 0304e004 362b2019 02e874a7 1fb6c956 66f07525 dc67c10e 616088b3
3ed1a8fc a3da1db0 d1b12354 df44766d ed41d8c1 b222b653 1cdf351d dca1772a
31e42df5 e5e5dbc8 e0ffe580 d70b63a0 ff33a10f ba2c1515 ea97b3d2 a2b5bef2
8c961e1a 8f1d6ca4 6137b986 7333d797 969e237d 82a44c81 e2a1d1ba 675f9507
a32711ee 16107bbc 454a4cb2 04d2abef d5fd0c51 ce506a08 31f991da 0c8f645c
03c33a8b 203f6e8d 673d3ad6 fe7d5b88 c95efbcc 61dc8b33 77d34432 35096204
921610d8 9e2747fb 3b21e3f8 eb1d5b02 03010001 a381b030 81ad300f 0603551d
130101ff 04053003 0101ff30 0b060355 1d0f0404 03020106 301d0603 551d0e04
1604141a 8462bc48 4c332504 d4eed0f6 03c41946 d1946b30 6e060355 1d230467
30658014 1a8462bc 484c3325 04d4eed0 f603c419 46d1946b a149a447 3045310b
30090603 55040613 02424d31 19301706 0355040a 13105175 6f566164 6973204c
696d6974 6564311b 30190603 55040313 1251756f 56616469 7320526f 6f742043
41203282 02050930 0d06092a 864886f7 0d010105 05000382 0201003e 0a164d9f
065ba8ae 715d2f05 2f67e613 4583c436 f6f3c026 0c0db547 645df8b4 72c946a5
03182755 89787d76 ea963480 1720dce7 83f88dfc 07b8da5f 4d2e67b2 84fdd944
fc775081 e67cb4c9 0d0b7253 f8760707 4147960c fbe08226 93558cfe 221f6065
7c5fe726 b3f73290 9850d437 7155f692 2178f795 79faf82d 26876656 3077a637
78335210 58ae3f61 8ef26ab1 ef187e4a 5963ca8d a256d5a7 2fbc561f cf39c1e2
fb0aa815 2c7d4d7a 63c66c97 443cd26f c34a170a f890d257 a21951a5 2d9741da
074fa950 da908d94 46e13ef0 94fd1000 38f53be8 40e1b46e 561a20cc 6f588ded
2e458fd6 e9933fe7 b12cdf3a d6228cdc 84bb226f d0f8e4c6 39e90488 3cc3baeb
557a6d80 9924f56c 01fbf897 b0945beb fdd26ff1 77680d35 6423acb8 55a103d1
4d4219dc f8755956 a3f9a849 79f8af0e b911a07c b76aed34 d0b62662 381a870c
f8e8fd2e d3907f07 912a1dd6 7e5c8583 99b03808 3fe95ef9 3507e4c9 626e577f
a75095f7 bac89be6 8ea201c5 d666bf79 61f33c1c e1b9825c 5da0c3e9 d848bd19
a2111419 6eb2861b 683e4837 1a88b75d 965e9cc7 ef276208 e291195c d2f121dd
ba174282 97718153 31a99ff6 7d62bf72 e1a3931d cc8a265a 0938d0ce d70d8016
b478a53a 874c8d8a a5d54697 f22c10b9 bc5422c0 01506943 9ef4b2ef 6df8ecda
f1e3b1ef df918f54 2a0b25c1 2619c452 100565d5 8210eac2 31cd2e
quit
crypto ca certificate chain ASDM_imiscloud
certificate 8f29eea8657e78265d26e6f58d774af9
30820635 3082051d a0030201 02021100 8f29eea8 657e7826 5d26e6f5 8d774af9
300d0609 2a864886 f70d0101 0b050030 818f310b 30090603 55040613 02474231
1b301906 03550408 13124772 65617465 72204d61 6e636865 73746572 3110300e
06035504 07130753 616c666f 72643118 30160603 55040a13 0f536563 7469676f
204c696d 69746564 31373035 06035504 03132e53 65637469 676f2052 53412044
6f6d6169 6e205661 6c696461 74696f6e 20536563 75726520 53657276 65722043
41301e17 0d323430 34333030 30303030 305a170d 32353035 33313233 35393539
5a301a31 18301606 03550403 0c0f2a2e 696d6973 636c6f75 642e636f 6d308201
22300d06 092a8648 86f70d01 01010500 0382010f 00308201 0a028201 0100e633
2ac024e0 464ce76e 304a9041 7a50c8f8 20c8c2ec 5be80e05 586463e8 7c08b6a0
639a263f f8cb0c04 74b6f89b 5b9b53ff 65445fd5 e1e198e9 c65a11e7 aee9fd78
26f7cc6d 8d0f0934 14708498 46c9fe10 f680056c 86a74fcf 16ba7851 d7c38266
0384182d dab844b4 8fd2f568 6ac6661f 76a6f895 ceab730d c4b7a01b 500677b3
d44431c0 a5dadd48 084cbd50 c4856ef7 86253fd0 5a91a493 d4d1a442 c4f30533
35256c85 8ee06dbf 035131b7 56cf5bc2 2fed13ce a8c2cd83 ed6a5e17 03eba642
6ec21ed4 9deb5be5 ce7d214f 656ce677 f72f553a 77e5c5aa a4ff4ef9 adc3639e
969a3c68 1b72eef8 37cbab84 2cdcee89 16cfe3f5 b1ae8443 d50a092c 76f30203
010001a3 8202fe30 8202fa30 1f060355 1d230418 30168014 8d8c5ec4 54ad8ae1
77e99bf9 9b05e1b8 018d61e1 301d0603 551d0e04 160414cc b191cd28 44ff7400
9c47ea60 152bc3f1 c9e6fb30 0e060355 1d0f0101 ff040403 0205a030 0c060355
1d130101 ff040230 00301d06 03551d25 04163014 06082b06 01050507 03010608
2b060105 05070302 30490603 551d2004 42304030 34060b2b 06010401 b2310102
02073025 30230608 2b060105 05070201 16176874 7470733a 2f2f7365 63746967
6f2e636f 6d2f4350 53300806 0667810c 01020130 81840608 2b060105 05070101
04783076 304f0608 2b060105 05073002 86436874 74703a2f 2f637274 2e736563
7469676f 2e636f6d 2f536563 7469676f 52534144 6f6d6169 6e56616c 69646174
696f6e53 65637572 65536572 76657243 412e6372 74302306 082b0601 05050730
01861768 7474703a 2f2f6f63 73702e73 65637469 676f2e63 6f6d3029 0603551d
11042230 20820f2a 2e696d69 73636c6f 75642e63 6f6d820d 696d6973 636c6f75
642e636f 6d308201 7c060a2b 06010401 d6790204 02048201 6c048201 68016600
7500cf11 56eed52e 7caff387 5bd9692e 9be91a71 674ab017 ecac01d2 5b77cecc
3b080000 018f2f70 028b0000 04030046 30440220 6f65f642 b4920369 1159d9e4
105a9670 891e695c 10725004 dbddc0d2 3f12c975 02204e79 140d9dab e2a5f2d2
6b143448 273a6bb0 b9ffa694 9a1b5e83 0af35c7b 87f60075 00a2e30a e445efbd
ad9b7e38 ed476777 53d7825b 8494d72b 5e1b2cc4 b950a447 e7000001 8f2f7002
0c000004 03004630 44022020 6d6aecc8 7a5bde06 e5d01421 3153aee9 37aaa42b
5fb36850 82b67689 44567602 205c7cd2 f6503914 ee7b516e 172d6c55 4a2f59db
d9e92390 48be6c75 525afdf3 fb007600 4e75a327 5c9a10c3 385b6cd4 df3f52eb
1df0e08e 1b8d69c0 b1fa64b1 629a39df 0000018f 2f7001f4 00000403 00473045
022100df ab899e84 60c83769 2f0416e0 3bc38920 c6713697 8a9ba8ea 265c3c34
1426ae02 204275f3 7aebb940 4a6ed71b 9e276e02 bb3c1a6b da48d02a 6935d237
509dfad7 4f300d06 092a8648 86f70d01 010b0500 03820101 007a1173 05c36de4
c1c06f4d 6d9f958c 99c5828d d7e08e2d 919113eb 76f782a2 f0d04876 6b4560ae
55f28bea f4fe4f8a 4f0cee42 8551d862 7c460126 cb131f30 f72fdf8e 4cb0a2ad
7be07cd3 92d46823 2206374d 461bcd12 1540b074 e8606c09 80a94686 dad7bca6
c4c40ffc ef5c9449 75c8ac04 fc7cb465 0be85630 8d602280 48b28c80 071b9679
a6dc2a33 b7054baf a1270069 176f403b b5062f06 2bbff7e4 a8e2a4af 7571387f
9b6b7c8c 459d7e7b cefe74b0 f34789de aaadaf7c def08213 c01878ba 103798eb
9808b815 59bddf8e 95ac6ee2 e97ff9df 8a58523f 666f9d03 a14457ca 94239731
7eb767ab 84c6abb0 b2b15ebb b264d71b dcf389db 380271a3 8c
quit
certificate ca 7d5b5126b476ba11db74160bbc530da7
30820613 308203fb a0030201 0202107d 5b5126b4 76ba11db 74160bbc 530da730
0d06092a 864886f7 0d01010c 05003081 88310b30 09060355 04061302 55533113
30110603 55040813 0a4e6577 204a6572 73657931 14301206 03550407 130b4a65
72736579 20436974 79311e30 1c060355 040a1315 54686520 55534552 54525553
54204e65 74776f72 6b312e30 2c060355 04031325 55534552 54727573 74205253
41204365 72746966 69636174 696f6e20 41757468 6f726974 79301e17 0d313831
31303230 30303030 305a170d 33303132 33313233 35393539 5a30818f 310b3009
06035504 06130247 42311b30 19060355 04081312 47726561 74657220 4d616e63
68657374 65723110 300e0603 55040713 0753616c 666f7264 31183016 06035504
0a130f53 65637469 676f204c 696d6974 65643137 30350603 55040313 2e536563
7469676f 20525341 20446f6d 61696e20 56616c69 64617469 6f6e2053 65637572
65205365 72766572 20434130 82012230 0d06092a 864886f7 0d010101 05000382
010f0030 82010a02 82010100 d67333d6 d73c20d0 00d21745 b8d63e07 a23fc741
ee3230c9 b06cfdf4 9fcb1298 0f2d3f8d 4d010c82 0f177f62 2ee9b848 79fb1683
4eadd732 2593b707 bfb9503f a94cc340 2ae939ff d981ca1f 163241da 8026b923
7a87201e e3ff209a 3c95446f 87750690 40b43293 16091008 233ed2dd 870f6f5d
51146a0a 69c54f01 7269cfd3 934c6d04 a0a31b82 7eb19ab9 edc59ec5 37789f9a
0834fb56 2e58c409 0e06645b bc37dcf1 9f2868a8 56b092a3 5c9fbb88 98081b24
1dab3085 aeafb02e 9e7a9dc1 c0421ce2 02f0eae0 4ad2ef90 0eb4c140 16f06f85
424a64f7 a430a0fe bf2ea327 5a8e8b58 b8adc319 178463ed 6f56fd83 cb6034c4
74bee69d dbe1e4e5 ca0c5f15 02030100 01a38201 6e308201 6a301f06 03551d23
04183016 80145379 bf5aaa2b 4acf5480 e1d89bc0 9df2b203 66cb301d 0603551d
0e041604 148d8c5e c454ad8a e177e99b f99b05e1 b8018d61 e1300e06 03551d0f
0101ff04 04030201 86301206 03551d13 0101ff04 08300601 01ff0201 00301d06
03551d25 04163014 06082b06 01050507 03010608 2b060105 05070302 301b0603
551d2004 14301230 06060455 1d200030 08060667 810c0102 01305006 03551d1f
04493047 3045a043 a041863f 68747470 3a2f2f63 726c2e75 73657274 72757374
2e636f6d 2f555345 52547275 73745253 41436572 74696669 63617469 6f6e4175
74686f72 6974792e 63726c30 7606082b 06010505 07010104 6a306830 3f06082b
06010505 07300286 33687474 703a2f2f 6372742e 75736572 74727573 742e636f
6d2f5553 45525472 75737452 53414164 64547275 73744341 2e637274 30250608
2b060105 05073001 86196874 74703a2f 2f6f6373 702e7573 65727472 7573742e
636f6d30 0d06092a 864886f7 0d01010c 05000382 02010032 bf61bd0e 48c34fc7
ba474df8 9c781901 dc131d80 6ffcc370 b4529a31 339a5752 fb319e6b a4ef54aa
898d4017 68f81110 7cd2cab1 f15586c7 eeb33691 86f63951 bf46bf0f a0bab4f7
7e49c42a 36179ee4 68397aaf 944e566f b27b3bbf 0a86bdcd c5771c03 b838b1a2
1f5f7edb 8adc4648 b6680acf b2b5b4e2 34e467a9 3866095e d2b8fc9d 283a1740
27c2724e 29fd213c 7ccf13fb 962cc531 44fd13ed d59ba969 68777cee e1ffa4f9
36380853 39a28434 9c19f3be 0eacd524 37eb23a8 78d0d3e7 ef924764 623922ef
c6f711be 2285c666 4424268e 10328dc8 93ae079e 833e2fd9 f9f5468e 63bec1e6
b4dca6cd 21a8860a 95d92e85 261afdfc b1b65742 6d95d133 f6391406 824138f5
8f58dc80 5ba4d57d 9578fda7 9bfffdc5 a869ab26 e7a7a405 875ba9b7 b8a3200b
97a94585 ddb38be5 89378e29 0dfc0617 f638400e 42e41206 fb7bf3c6 116862df
e398f413 d8154f8b b169d910 60bc642a ea31b7e4 b5a33a14 9b26e30b 7bfd028e
b699c138 975936f6 a874a286 b65eebc6 64eacfa0 a3f96e9e ba2d11b6 86980858
2dc9ac25 64f25e75 b438c1ae 7f5a4683 ea51cab6 f1991135 6ba56a7b c600b0e7
f8be64b2 adc8c2f1 ace351ea a493e079 c8e18140 c90a5be1 123cc160 2ae397c0
8942ca94 cf469812 69bb98d0 c2d30d72 4b476ee5 93c43228 638743e4 b0323e0a
d34bbf23 9b142941 2b9a041f 932df1c7 39483cad 5a127f
quit
crypto ca certificate chain ASDM_imiscloud-1
certificate ca 01fd6d30fca3ca51a81bbc640e35032d
308205de 308203c6 a0030201 02021001 fd6d30fc a3ca51a8 1bbc640e 35032d30
0d06092a 864886f7 0d01010c 05003081 88310b30 09060355 04061302 55533113
30110603 55040813 0a4e6577 204a6572 73657931 14301206 03550407 130b4a65
72736579 20436974 79311e30 1c060355 040a1315 54686520 55534552 54525553
54204e65 74776f72 6b312e30 2c060355 04031325 55534552 54727573 74205253
41204365 72746966 69636174 696f6e20 41757468 6f726974 79301e17 0d313030
32303130 30303030 305a170d 33383031 31383233 35393539 5a308188 310b3009
06035504 06130255 53311330 11060355 0408130a 4e657720 4a657273 65793114
30120603 55040713 0b4a6572 73657920 43697479 311e301c 06035504 0a131554
68652055 53455254 52555354 204e6574 776f726b 312e302c 06035504 03132555
53455254 72757374 20525341 20436572 74696669 63617469 6f6e2041 7574686f
72697479 30820222 300d0609 2a864886 f70d0101 01050003 82020f00 3082020a
02820201 00801265 17360ec3 db08b3d0 ac570d76 edcd27d3 4cad5083 61e2aa20
4d092d64 09dcce89 9fcc3da9 ecf6cfc1 dcf1d3b1 d67b3728 112b47da 39c6bc3a
19b45fa6 bd7d9da3 6342b676 f2a93b2b 91f8e26f d0ec1620 90093ee2 e874c918
b491d462 64db7fa3 06f18818 6a90223c bcfe13f0 87147bf6 e41f8ed4 e451c611
67460851 cb861454 3fbc33fe 7e6c9cff 169d18bd 518e35a6 a766c872 67db2166
b1d49b78 03c0503a e8ccf0dc bc9e4cfe af059635 1f575ab7 ffcef93d b72cb6f6
54ddc8e7 123a4dae 4c8ab75c 9ab4b720 3dca7f22 34ae7e3b 68660144 e7014e46
539b3360 f794be53 37907343 f332c353 efdbaafe 744e69c7 6b8c6093 dec4c70c
dfe132ae cc933b51 7895678b ee3d56fe 0cd0690f 1b0ff325 266b336d f76e47fa
7343e57e 0ea566b1 297c3284 635589c4 0dc19354 301913ac d37d37a7 eb5d3a6c
355cdb41 d712daa9 490bdfd8 808a0993 628eb566 cf2588cd 84b8b13f a4390fd9
029eeb12 4c957cf3 6b05a95e 1683ccb8 67e2e813 9dcc5b82 d34cb3ed 5bffdee5
73ac233b 2d00bf35 55740949 d849581a 7f9236e6 51920ef3 267d1c4d 17bcc9ec
4326d0bf 415f40a9 4444f499 e757879e 501f5754 a83efd74 632fb150 6509e658
422e431a 4cb4f025 4759fa04 1e93d426 464a5081 b2debe78 b7fc6715 e1c95784
1e0f63d6 e962bad6 5f552eea 5cc62808 042539b8 0e2ba9f2 4c971c07 3f0d52f5
edef2f82 0f020301 0001a342 3040301d 0603551d 0e041604 145379bf 5aaa2b4a
cf5480e1 d89bc09d f2b20366 cb300e06 03551d0f 0101ff04 04030201 06300f06
03551d13 0101ff04 05300301 01ff300d 06092a86 4886f70d 01010c05 00038202
01005cd4 7c0dcff7 017d4199 650c73c5 529fcbf8 cf99067f 1bda4315 9f9e0255
579614f1 523c2787 9428ed1f 3a0137a2 76fc5350 c0849bc6 6b4eba8c 214fa28e
556291f3 6915d8bc 88e3c4aa 0bfdefa8 e94b552a 06206d55 782919ee 5f305c4b
241155ff 249a6e5e 2a2bee0b 4d9f7ff7 01389414 95430709 fb60a9ee 1cab128c
a09a5ea7 986a596d 8b3f08fb c8d145af 18156490 120f7328 2ec5e224 4efc58ec
f0f445fe 22b3eb2f 8ed2d945 6105c197 6fa87672 8f8b8c36 afbf0d05 ce718de6
a66f1f6c a67162c5 d8d08372 0cf16711 890c9c13 4c7234df bcd571df aa71dde1
b96c8c3c 125d65da bd5712b6 436bffe5 de4d6611 51cf99ae ec17b6e8 71918cde
49fedd35 71a21527 941ccf61 e326bb6f a3672521 5de6dd1d 0b2e681b 3b82afec
836785d4 985174b1 b9998089 ff7f7819 5c794a60 2e9240ae 4c372a2c c9c762c8
0e5df736 5bcae025 2501b4dd 1a079c77 003fd0dc d5ec3dd4 fabb3fcc 85d66f7f
a92ddfb9 02f7f597 9ab535da c367b087 4aa9289e 238eff5c 276be1b0 4ff307ee
002ed459 87cb5241 95eaf447 d7ee6441 557c8d59 0295dd62 9dc2b9ee 5a287484
a59bb790 c70c07df f5893674 32d628c1 b0b00be0 9c4cc31c d6fce369 b5474681
2fa282ab d3634470 c48dff2d 33baad8f 7bb57088 ae3e19cf 4028d8fc c890bb5d
9922f552 e658c51f 883143ee 881dd7c6 8e3c436a 1da718de 7d3d16f1 62f9ca90
a8fd
quit
crypto ca certificate chain ASI-Support
certificate ca 64be6c2a42756b864d140ea74231498c
308202f0 308201d8 a0030201 02021064 be6c2a42 756b864d 140ea742 31498c30
0d06092a 864886f7 0d01010b 05003034 31323030 06035504 0313294d 6963726f
736f6674 20417a75 72652046 65646572 61746564 2053534f 20436572 74696669
63617465 301e170d 32343036 32373133 33343536 5a170d32 37303632 37313333
3435365a 30343132 30300603 55040313 294d6963 726f736f 66742041 7a757265
20466564 65726174 65642053 534f2043 65727469 66696361 74653082 0122300d
06092a86 4886f70d 01010105 00038201 0f003082 010a0282 010100a0 88d95b19
66bc9c3c b86bee97 a0925249 484a7d74 2be1fbe7 f02feab0 6c859263 a61751f0
66cc0c1d bcaf6b37 e1efb60c 59326dc9 cc7e7a02 e5db0546 3391afc1 c4651c8c
2786de9d 4467587e 7e31cafd ebd69975 210ae5e9 d69ebda4 895f58f6 86eee1bb
4d6ae2a5 c480584d f8547122 f103e1bd 9c2ef1da f9b04019 dd841388 c930e7cd
e9dfc7f2 bfded74a d8ac047c a79ebcde 72555e7c e8630b84 1b0627a4 27aa74e9
d263667e d624a545 77f51106 d729a507 c07ec15e ea6c42bd cab65718 40f7e1f4
da02359e c344b4a3 a5d14d35 5aa0d04b e518d47a a247d2e5 d8f850ae 8afdf93f
5139b038 137fdd26 9b4b1175 d7c2b30f 9c116986 c48c3cd7 31ac0d02 03010001
300d0609 2a864886 f70d0101 0b050003 82010100 76fa261a b8cf1912 63f1c240
1943116f 1427eda8 ad0f73e9 efffa342 ea24aca6 0fc95c8b 43d98f9d 88c9aa29
7eef3bdb 8739485c 2badd91d 289135cd 8e5aa60a e0eedf14 ba8815d8 5b426a79
13787d07 daf8323a 7e4fc0eb 12468870 3cf5c516 97c9e878 c6c51455 98a29216
c58cacb9 ba510c6f 9ac8f7e2 e4620ae0 7a7686df 79d19027 6d0dee57 1d6fcf62
a0fcd5bd 4c9bc67f 9b57f5b7 570e18b5 feccc782 a814263d f9a56da0 bd958ea1
6b503aef 1954d900 de72dd7c 6dc32ae4 da701fa2 b41d7c76 26c12073 5c4ff088
68b430f0 eb28790b e74800ed e397c6ee ec4d55ea 2f017aeb 0c0fb487 5a5c63c1
93288530 6fba56aa 923f9879 6ff9cc38 1cb36051
quit
crypto ikev2 limit queue sa_init 150
telnet timeout 10
ssh stack ciscossh
ssh stricthostkeycheck
ssh timeout 60
ssh key-exchange group dh-group14-sha256
ssh 10.10.10.10 255.255.255.255 Outside
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
ssl trust-point ASDM_imiscloud Outside
webvpn
enable Outside
http-headers
hsts-server
enable
max-age 31536000
include-sub-domains
no preload
hsts-client
enable
x-content-type-options
x-xss-protection
content-security-policy
anyconnect image disk0:/cisco-secure-client-win-5.1.2.42-webdeploy-k9.pkg 1
anyconnect image disk0:/anyconnect-win-4.10.08029-webdeploy-k9.pkg 2
anyconnect profiles ASI-Support disk0:/asi-support.xml
anyconnect enable
saml idp https://sts.windows.net/f81fd783-bd30-4544-a2db-1e70d6879686/
url sign-in https://login.microsoftonline.com/f81fd783-bd30-4544-a2db-1e70d6879686/saml2
url sign-out https://login.microsoftonline.com/f81fd783-bd30-4544-a2db-1e70d6879686/saml2
base-url https://asisupportvpn.imiscloud.com
trustpoint idp ASI-Support
trustpoint sp ASDM_imiscloud
no signature
force re-authentication
tunnel-group-list enable
cache
disable
error-recovery disable
group-policy GroupPolicy_ASI-Support internal
group-policy GroupPolicy_ASI-Support attributes
wins-server none
dns-server value 10.100.1.8 10.100.1.9
vpn-tunnel-protocol ssl-client
split-tunnel-policy tunnelspecified
split-tunnel-network-list value SPLIT_TUNNEL
default-domain value domain.local
webvpn
anyconnect profiles value ASI-Support type user
anyconnect ask none default anyconnect
dynamic-access-policy-record DfltAccessPolicy
username user_admin password ***** pbkdf2 privilege 15
tunnel-group ASI-Support type remote-access
tunnel-group ASI-Support general-attributes
address-pool VPN-Pool
default-group-policy GroupPolicy_ASI-Support
tunnel-group ASI-Support webvpn-attributes
authentication saml
group-alias ASI-Support enable
saml identity-provider https://sts.windows.net/f81fd783-bd30-4544-a2db-1e70d6879686/
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
no tcp-inspection
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect sip
inspect netbios
inspect tftp
inspect ip-options
!
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
call-home
profile License
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination transport-method http
Cryptochecksum:618370977c35224737ad3ecfa8c7e1bc
: end
Support-ASA#
- Labels:
-
AnyConnect
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-01-2024 08:29 AM
nat (any,any) source static inside_network inside_network destination static inside_network inside_network no-proxy-arp
nat (any,any) source static VPN-Pool VPN-Pool destination static VPN-Pool VPN-Pool no-proxy-arp
nat (inside ,outside) source static inside_network inside_network destination static VPN-Pool VPN-Pool
Only nat need to correct
MHM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-01-2024 11:29 AM
Thanks. It's working now
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide