"
Hi,
do you get dhcp leases? Then I would guess it's a DNS Problem. If so what are your settings there?
do you get dhcp leases? Then I would guess it's a DNS Problem. If so what are your settings there?
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#1
General Discussion / Re: Getting VLANS and AP to work with my Netgear GS108Ev3 and Unifi Controller
March 10, 2025, 08:17:07 PM #2
General Discussion / Cisco AnyConnect VPN Fails – Suspected NAT/Asymmetric Routing Issue
March 10, 2025, 08:11:05 PM
Hello everyone,
I am having trouble connecting to my firm's network using the Cisco AnyConnect VPN client on my laptop, which is connected directly to one of several interfaces on my OPNsense system.
The Situation:
Laptop with Cisco AnyConnect: The VPN client does not establish a connection.
Other VPN (Baracuda): On another computer, Baracuda VPN works fine.
Firewall Testing: I temporarily set all firewall rules to "any/any" (i.e. allow all traffic) and internet access works normally.
NAT Settings: I have tried both automatic and hybrid outbound NAT modes without success (with static ports and without).
Suspected Issue: Despite the open firewall, the Cisco AnyConnect connection still fails. I suspect that a NAT misconfiguration or asymmetric routing (where return traffic does not follow the same path as outbound traffic) is causing state/NAT translation mismatches (with floating rules I don't geht blocks of TCP Traffic anymore but no connection as well)
Request for Help:
Has anyone experienced similar issues with Cisco AnyConnect in an OPNsense environment?
What adjustments to NAT or routing settings might resolve this?
Are there additional logs or tests that could help pinpoint the problem?
Any tips on handling potential asymmetric routing issues in multi-interface setups?
Wy WAN is from a fibre modem (ppoe) , just one wan, no fancy stuff only a buch of VLANS. The laptop is conneted with lan port directly on the opnsense (untagged).
Thanks in advance for your assistance!
I am having trouble connecting to my firm's network using the Cisco AnyConnect VPN client on my laptop, which is connected directly to one of several interfaces on my OPNsense system.
The Situation:
Laptop with Cisco AnyConnect: The VPN client does not establish a connection.
Other VPN (Baracuda): On another computer, Baracuda VPN works fine.
Firewall Testing: I temporarily set all firewall rules to "any/any" (i.e. allow all traffic) and internet access works normally.
NAT Settings: I have tried both automatic and hybrid outbound NAT modes without success (with static ports and without).
Suspected Issue: Despite the open firewall, the Cisco AnyConnect connection still fails. I suspect that a NAT misconfiguration or asymmetric routing (where return traffic does not follow the same path as outbound traffic) is causing state/NAT translation mismatches (with floating rules I don't geht blocks of TCP Traffic anymore but no connection as well)
Request for Help:
Has anyone experienced similar issues with Cisco AnyConnect in an OPNsense environment?
What adjustments to NAT or routing settings might resolve this?
Are there additional logs or tests that could help pinpoint the problem?
Any tips on handling potential asymmetric routing issues in multi-interface setups?
Wy WAN is from a fibre modem (ppoe) , just one wan, no fancy stuff only a buch of VLANS. The laptop is conneted with lan port directly on the opnsense (untagged).
Thanks in advance for your assistance!
Pages1
