I have an ASA 5520 and behind it I have my LAN on one interface and a Cisco 3000 VPN Concentrator on another interface.
All connectivity to the vpn concentrator from the outside in works without issue.
However, from within the network I cannot access the webvpn login page. I get a TCP Reset-O everytime I try to connect to it. Currently this is happening with a net exemption rule enabled.
If I disable the NAT exemption rule, I get a "portmap creation failed." I have also tried to set a routing rule to force all traffic from the inside to a router on the outside interface of the asa. That doesn't work either. I get inbound denials when I try to do that.
Is there a way allow me to access the vpn concentrator on the other interface without moving it outside the asa?