Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2324
Views
0
Helpful
5
Replies

ASA5505 8.3.2 AnyConnect NAT Troubles

jeffhochberg
Level 1
Level 1

‎01-29-2011 10:38 PM - edited ‎02-21-2020 05:07 PM

Hello all,

I have searched high and low...read many different posts from others...even watched the video on the new NAT configuration examples for version 8.3 of the ASA code.  Still I am failing to configure AnyConnect VPN access successfully!  =(

My configuration is VERY simple.  My internal network is 192.168.223.0/24 and the pool of addresses I have assigned to the AnyConnect VPN clients is 192.168.25.0/24 (specifically 192.168.25.1 to 192.168.25.10).

I am able to connect to the ASA with AnyConnect successfully and am being assigned the first IP in the pool (192.168.25.1).  At this point I am unable to ping or connect to any host on the 192.168.223.0/24 subnet.

I have tried what I believe to be every combination/permutation of NAT commands to no avail, though I am convinced that I am experiencing a NAT issue and nothing is wrong with the policy.

If someone can please take a look and let me know what I am missing.  I'm sure it's something very simple.

Labels:
0 Helpful
5 Replies 5

lginod
Level 1
Level 1

‎01-30-2011 12:07 AM

Hello Jeffrey,

Please try this and let me know if that helps.

no nat (any,any) source static DM_INLINE_NETWORK_1 DM_INLINE_NETWORK_1 destination static DM_INLINE_NETWORK_2 DM_INLINE_NETWORK_2

nat (inside,outside) source static internal-net internal-net destination static vpn-client-net vpn-client-net

Sent from Cisco Technical Support iPhone App

0 Helpful

jeffhochberg
Level 1
Level 1
In response to lginod

‎01-30-2011 10:09 AM

Thanks for your reply.  Unfortunately that did not work.

0 Helpful

lginod
Level 1
Level 1
In response to jeffhochberg

‎01-30-2011 10:22 AM

Hey Jeffrey,

Can you attach your running config pls, so that I can find out why this isn't working?

Sent from Cisco Technical Support iPhone App

0 Helpful

jeffhochberg
Level 1
Level 1
In response to lginod

‎01-30-2011 11:18 AM

I figured out what the issue was on my one, and it was something simple that I was missing.

I had a routing issue internally as the host I have been trying to ping had its default gateway pointed to another host besides the ASA itself.  Therefore it didn't have a route back to the 192.168.25.0/24 network where the AnyConnect VPN connections were coming from.

0 Helpful

lginod
Level 1
Level 1
In response to jeffhochberg

‎01-31-2011 03:48 AM

Cool Jeffrey

Sent from Cisco Technical Support iPhone App

--Please rate the solutions.

0 Helpful
Customers Also Viewed These Support Documents