===== Cisco Firepower AnyConnect =====
{{tag>Cisco AnyConnect NAT Firepower VPN}}

If you are using the BRI1 interface for your inside (LAN) network you will need to disable NAT exemption in the AnyConnect configuration and manually create a NAT rule.
| Placement | Before Auto NAT Rules |
| Type | Static | 

| Original Packet ||
| Source Interface | Any |
| Source Address | LAN |
| Source Port | Any |
| Destination Address | AnyConnect |
| Destination Port | Any |

| Translated Packet ||
| Destination Interface | WAN |
| Source Address | LAN |
| Source Port | Any |
| Destination Address | AnyConnect |
| Destination Port | Any |