
69-49
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 69 General VPN Setup
Configuring AnyConnect VPN Client Connections
Figure 69-3 Create Network Object for a VPN address pool
b. In the Action Translated Packet area, configure these fields:
– Source NAT Type: Static
– Source Address: Original
– Destination Address: Original
– Service: Original
c. In the Options area, configure these fields:
– Check Enable rule.
– Uncheck, or leave unchecked, Translate DNS replies that match this rule.
– Direction: Both
– Description: Add a Description for this rule.
d. Click OK.
e. Click Apply. Your rule should look like rule 1 in the Unified NAT table in Figure 69-5 on
page 69-52.
CLI example:
nat source static Engineering-VPN Engineering-VPN destination static Sales-VPN Sales-VPN
f. Click Send.
Step 3 When the ASA is performing NAT, in order for two hosts in the same VPN pool to connect to each other, or
for those hosts to reach the Internet through the VPN tunnel, you must enable the Enable traffic
between two or more hosts connected to the same interface option. To do this, in ASDM, select
Configuration > Device Setup > Interfaces. At the bottom of the Interface panel, check Enable traffic
between two or more hosts connected to the same interface and click Apply.
CLI example:
same-security-traffic permit intra-interface
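
An added example, not from the Cisco guide: a Python check over a saved running-config that confirms the identity NAT rule between the two VPN pools is present and that same-interface traffic is permitted with intra-interface, the CLI form of the ASDM option in Step 3. The subnets in the sample config and the function name audit are assumptions made for illustration.

```python
import re

# Constructed sample running-config. Object names follow the page;
# the subnets are illustrative assumptions.
SAMPLE_CONFIG = """\
object network Engineering-VPN
 subnet 192.168.0.0 255.255.255.224
object network Sales-VPN
 subnet 192.168.0.32 255.255.255.224
nat source static Engineering-VPN Engineering-VPN destination static Sales-VPN Sales-VPN
same-security-traffic permit inter-interface
"""

# Twice NAT: source static <real> <mapped> destination static <mapped> <real>
NAT_RE = re.compile(
    r"^nat\s+(?:\(\S+\)\s+)?source\s+static\s+(\S+)\s+(\S+)"
    r"\s+destination\s+static\s+(\S+)\s+(\S+)", re.M)

def audit(config):
    """Return findings for the VPN-pool NAT and same-interface setup (hypothetical helper)."""
    findings = []
    objects = set(re.findall(r"^object(?:-group)? network (\S+)", config, re.M))
    rules = NAT_RE.findall(config)
    if not rules:
        findings.append("no twice-NAT rule between VPN pools found")
    for src_real, src_mapped, dst_mapped, dst_real in rules:
        if src_real != src_mapped or dst_mapped != dst_real:
            findings.append(f"rule {src_real} -> {dst_real} translates addresses (not identity NAT)")
        for name in sorted({src_real, src_mapped, dst_mapped, dst_real} - objects - {"any"}):
            findings.append(f"NAT rule references undefined object {name}")
    modes = set(re.findall(r"^same-security-traffic permit (\S+)", config, re.M))
    if "intra-interface" not in modes:
        findings.append("intra-interface not permitted: traffic cannot enter and leave the same interface")
    if "inter-interface" in modes:
        findings.append("inter-interface permitted: interfaces of equal security level can exchange traffic; confirm this is intended")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```
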