Solved

Cisco Any Connect VPN Issue Connecting to Internal Servers

Posted on 2013-10-29
5
421 Views
Last Modified: 2013-11-05
I have a Cisco ASA running 8.3, I am connecting using an Anyconnect VPN client Version 3.1 however cannot ping or connect to any internal servers. I suspect NAT however cant seem to pin it down any help would be appreciated ....  I can connect and authenticate to the ASA with the client.

 sh run attached
sh-runn-edited.txt
0
Comment
Question by:MERC-CS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
5 Comments
 
LVL 20

Assisted Solution

by:rauenpc
rauenpc earned 500 total points
ID: 39610002
I would suggest being more specific with your nat exemption.

instead of
nat (inside,any) source static any any destination static sesanyconnectvpn sesanyconnectvpn
!
try

object network NETWORK_OBJ_192.168.1.0_24
 subnet 192.168.1.0 255.255.255.0

nat (inside,outside) source static NETWORK_OBJ_192.168.1.0_24 NETWORK_OBJ_192.168.1.0_24 destination static sesanyconnectvpn sesanyconnectvpn
!

Also, you don't have a split tunnel specified. although this is not a requirement, you may run into issues without it.
0
 

Author Comment

by:MERC-CS
ID: 39611916
Ok trying this
0
 

Author Comment

by:MERC-CS
ID: 39612694
no luck so far, i have started over using a new profile"anyconnect" and ip pool of "sesanyconnect" I can log in and surf the internet but internal servers I still cannot reach. I uploaded current sh runn reflecting changes.  The pc with client is Windows 7.

Thanks again
0
 

Accepted Solution

by:
MERC-CS earned 0 total points
ID: 39614964
I resolved the issue by changing my vpn pool assignment and network object from 10.10.10.0 255.255.255.0 network to 192.168.2.0 255.255.255.0. Not completely sure what I was missing the other way in the ASA but it is working now.

I also made the changes mentioned by the earlier post as well ...
0
 

Author Closing Comment

by:MERC-CS
ID: 39623804
his solution did not work until I made the final changes
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to get maximum transfer speed over LAN 4 125
Cisco WLAN 5520 licensing 10 156
Wireshark Network Packet Analysis of PS4 7 64
Barracuda WAF Training? 2 69
Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things has made us question our online safety. Let us explore how cloud- enabled cybersecurity can help us with our b…
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question