Hi everybody,
I have a customer who utilizes Cisco's VPN "AnyConnect". Currently they allow vendors to use the VPN on the guest network which is only captive portal username/login. They are denying internal networks, but using "allowall" below the deny in the firewall rules. Users can successfully connect to the guest network and access the internet, but they cannot launch their VPN client.
Could the deny-internal-network rule be causing the issue?
If not, are there additional firewall rules (ports to allow, addresses to allow)?
I also tried adding a rule to allow the specific IP address for the user in the Guest role for the VPN server 205.73.16.5 255.255.255.0, but I received an error stating "invalid ipaddress/subnet mask".
Any ideas?
Thanks for the help!
#7210