- Purple, 4500 points or more
I have an ASA5505 that terminates both an IPSec and SSL VPN (pool 172.16.254.0 /24). It's 'inside' interface is in another ASA's DMZ (172.16.100.0/24). When I VPN in I can access all resources inside, however I can not reach any services on the 172.16.100.0 network. The error in the log is
Mar 13 2009 09:38:26: %ASA-3-305006: regular translation creation failed for icmp src dmz:172.16.100.49 dst dmz:172.16.254.22 (type 0, code 0)
I have the two subnets NAT exempted and I have same-security-traffic permit intra-interface on. Any ideas on where to go?