Can not access ASAs inside interface via VPN tunnels

Unanswered Question
Aug 12th, 2009
User Badges:

Hi there,

I have a funny problem.

I build up a hub and spoke VPN, with RAS Client VPN access for the central location.

All tunnels and the RAS VPN access are working fine.

I use the tunnels for Voip, terminal server access and a few other services.

The only problem I have is, that I could not access the inside IP address of any of my ASAs, neither via tunnels nor via RAS VPN access. No telnet access and no ping reach the inside interfaces.

No problem when I connect to the interface via a host inside the network.

All telnet statments in the config are ending with the INSIDE command.

On most of the ASAs the 8.2 IOS is running on one or two ASAs the 8.0(4).

For the RAS client access I use the Cisco 5.1 VPN client.

Did anybody have any suggestions?



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
JORGE RODRIGUEZ Thu, 08/13/2009 - 05:28
User Badges:
  • Green, 3000 points or more


Simply add on the asas you want to administer through the tunnels


for asa5505

management-access inside

for all others if you have management interface management0/0 defined then:

management-access management

then you may need to allow the source , for example if RA VPN pool network is then you tell asa that network cann administer asa and point access to inside, but sounds you have this part already.

telnet inside

http inside

same principle for l2l vpns


JORGE RODRIGUEZ Fri, 08/14/2009 - 09:50
User Badges:
  • Green, 3000 points or more

Marcel, are you all set or still have issues managing asa through ipsec?

puseth Tue, 08/18/2009 - 11:07
User Badges:

can you add this command in your Asa and test it out...

management-access inside


This Discussion