Solved

Cisco Any Connect VPN Issue Connecting to Internal Servers

Posted on 2013-10-29
5
410 Views
Last Modified: 2013-11-05
I have a Cisco ASA running 8.3, I am connecting using an Anyconnect VPN client Version 3.1 however cannot ping or connect to any internal servers. I suspect NAT however cant seem to pin it down any help would be appreciated ....  I can connect and authenticate to the ASA with the client.

 sh run attached
sh-runn-edited.txt
0
Comment
Question by:MERC-CS
  • 4
5 Comments
 
LVL 20

Assisted Solution

by:rauenpc
rauenpc earned 500 total points
ID: 39610002
I would suggest being more specific with your nat exemption.

instead of
nat (inside,any) source static any any destination static sesanyconnectvpn sesanyconnectvpn
!
try

object network NETWORK_OBJ_192.168.1.0_24
 subnet 192.168.1.0 255.255.255.0

nat (inside,outside) source static NETWORK_OBJ_192.168.1.0_24 NETWORK_OBJ_192.168.1.0_24 destination static sesanyconnectvpn sesanyconnectvpn
!

Also, you don't have a split tunnel specified. although this is not a requirement, you may run into issues without it.
0
 

Author Comment

by:MERC-CS
ID: 39611916
Ok trying this
0
 

Author Comment

by:MERC-CS
ID: 39612694
no luck so far, i have started over using a new profile"anyconnect" and ip pool of "sesanyconnect" I can log in and surf the internet but internal servers I still cannot reach. I uploaded current sh runn reflecting changes.  The pc with client is Windows 7.

Thanks again
0
 

Accepted Solution

by:
MERC-CS earned 0 total points
ID: 39614964
I resolved the issue by changing my vpn pool assignment and network object from 10.10.10.0 255.255.255.0 network to 192.168.2.0 255.255.255.0. Not completely sure what I was missing the other way in the ASA but it is working now.

I also made the changes mentioned by the earlier post as well ...
0
 

Author Closing Comment

by:MERC-CS
ID: 39623804
his solution did not work until I made the final changes
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A few customers have recently asked my thoughts on Password Managers.  As Security is a big part of our industry I was initially very hesitant and sceptical about giving a program all of my secret passwords.  But as I was getting asked about them mo…
The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

29 Experts available now in Live!

Get 1:1 Help Now