How do you have the interfaces configured? You can only have 3 named interfaces on a standard ASA, and when you do, you can't have 2 of them forwarding traffic. You also cannot do a trunk port on the ASA without a Security Plus license.

Type a pipe and i to show specific text everywhere it shows in the config. If all you see is the ACL, it's not in use. You can also copy the text config to Notepad and Ctrl+F it. show run | i HACK

There are a few other issues with your config as well. If this isn't production, I recommend cleaning it up and writing it out and starting over. This will help you learn the process a bit more. Pointing out the corrections would be easier, but I feel like you'd benefit more from finding it yourself.

You have an IP conflict then. You can't have your local subnet the same as AnyConnect's pool. I haven't looked over the rest of your config, but that is one major issue. To explain split tunnel, think of it like this. Tunnel all says all traffic goes over the VPN. Split tunnel says only this traffic. Benefit of split tunnel is that only the traffic you care about goes over the tunnel; local stays local. This way you can access all your local resources and local internet path.
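
The overlap check described in the comment above, as an added example that is not part of the original thread. It assumes "local subnet" means the networks configured on the ASA's own interfaces; the config text, pool names and addresses are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample config (not from the thread); all names and addresses are illustrative.
SAMPLE_CONFIG = """\
interface Vlan1
 nameif inside
 security-level 100
 ip address 192.168.1.1 255.255.255.0
interface Vlan2
 nameif outside
 security-level 0
 ip address 203.0.113.2 255.255.255.252
ip local pool VPN_POOL 192.168.1.200-192.168.1.220 mask 255.255.255.0
ip local pool CLEAN_POOL 10.99.0.10-10.99.0.50 mask 255.255.255.0
"""

# Static interface addresses only; "ip address dhcp" lines are skipped on purpose.
IFACE_RE = re.compile(r"^ +ip address (\d+\.\d+\.\d+\.\d+) (\d+\.\d+\.\d+\.\d+)", re.M)
POOL_RE = re.compile(r"^ip local pool (\S+) ([\d.]+)-([\d.]+)", re.M)


def interface_networks(config):
    """Return the connected networks from 'ip address <ip> <mask>' lines."""
    return [ipaddress.ip_interface(f"{ip}/{mask}").network
            for ip, mask in IFACE_RE.findall(config)]


def pool_conflicts(config):
    """Return (pool_name, network) pairs where a pool range overlaps a connected network."""
    nets = interface_networks(config)
    conflicts = []
    for name, first, last in POOL_RE.findall(config):
        lo, hi = ipaddress.ip_address(first), ipaddress.ip_address(last)
        # Summarize the range into CIDR blocks so partial overlaps are caught too.
        blocks = list(ipaddress.summarize_address_range(lo, hi))
        for net in nets:
            if any(block.overlaps(net) for block in blocks):
                conflicts.append((name, str(net)))
    return conflicts


if __name__ == "__main__":
    for name, net in pool_conflicts(SAMPLE_CONFIG):
        print(f"pool {name} overlaps connected network {net}")
```
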

I'm sure I can figure this out if I could see snips of your config. I have a few questions though. Why do you have static IP and DNS set if you are getting it from local pool? ACL / NAT exempt? Are you split tunnel or full tunnel? Local subnet same as AnyConnect pool? DNS in group policy? Correct subnets in ACL? If full tunnel and hairpin out remote gateway, is same-security permit intra-interface in place?


I'm new to the group. I recently passed my CCNA and I just purchased OCG + INE videos to get me on my way studying for CCNP. I am doing this in a group setting with other coworkers and I was trying to figure out a timeline. Is 2 chapters a week too aggressive? The goal is all 3 tests passed in ~9-10 months.


Don’t stop; keep up your momentum. If you’re not married with kids, your timeline is possible.

Uh oh. I am literally at the hospital right now, my wife is giving birth to our second child lol.

Are you able to ping the switch from the router or the router from the switch? I've also seen some weird things in Packet Tracer where everything appears to be configured properly but it doesn't work properly until I save my work and relaunch it.

I'd like the Discord link as well, please. I'm forming a study group with work and will be tackling switch first thing.

