ASA 8.0(3) management over VPN

jms112080
Level 1

I upgraded two PIX 525s from 7.2(1) to 8.0(3) and I can no longer manage them across the VPN tunnels. What changed concerning management between 7.2 and 8.0? I can manage them fine as long as I'm on a machine that is behind the inside interface. All the normal management statements are in place, but no luck from across the tunnel.

11 Replies

If it isn't already configured, try adding this command and test.

management-access inside

Already there.

Are you using SSH or telnet?

SSH and ASDM no longer work from across the tunnel.

Can you ping the inside interface of the ASA over the VPN tunnel? If you can't, there may be an issue with the split tunnel ACL. Can you post a sanitized copy of the ASA configuration?

No, I just noticed that I can't ping the inside interface anymore. This is a Site-to-Site tunnel and those ACLs haven't changed that I can see.

Is the inside interface part of the crypto ACL? Can you ping other hosts on the same subnet across the VPN tunnel?

The inside interface is part of the ACL, and no, I can no longer ping any host on that subnet across the tunnel.

3 Apr 17 2008 12:55:08 713902 Group = x.x.x.x, IP = x.x.x.x, QM FSM error (P2 struct &0x4c6cfb8, mess id 0xbe6589f2)!

3 Apr 17 2008 12:55:08 713227 IP = x.x.x.x, Rejecting new IPSec SA negotiation for peer x.x.x.x. A negotiation was already in progress for local Proxy 172.x.x.0/255.255.255.248, remote Proxy 10.x.x.0/255.255.255.0

Above are debugs from the remote PIX.

I haven't seen this error message before. Can you do this?

clear crypto isakmp sa

clear crypto ipsec sa

Hi,

I have a similar problem. We have an ASA 5520. After upgrading to 8.0(3) we are not able to manage the device using ASDM (across Remote Access VPN). SSH and ping work. Any success solving this problem?
