I have a Cisco ASA device which I am using for webvpn.
Anyconnect works OK. Clients connect in and get an IP address of 172.28.15.10-172.28.15.100. When the router tries to ping anything outside of this network i.e. 172.28.1.1 I get the followign error:
6 Mar 28 2012 13:23:35 302021 172.28.15.10 1024 172.28.1.1 0 Teardown ICMP connection for faddr 172.28.15.10/1024 gaddr 172.28.1.1/0 laddr 172.28.1.1/0 (uk000296)
The explaination states: An ICMP session was established in the fast-path when stateful ICMP was enabled using the inspect icmp command.
I have ran route print, and the PC has a route of 172.28.10 to the interface of the VPN connection (172.28.15.10).
I believe my problem maybe my NAT rules. These have been setup as:
nat (Live,Live) source static 172.28.15.0 172.16.0.0
nat (Live,Live) source static 172.16.0.0 172.28.15.0
Any ideas why routing isn't working ?