Unable to access ASA over VPN

Unanswered Question
May 21st, 2010
User Badges:

We have a ASA 5520 running

Cisco Adaptive Security Appliance Software Version 8.2(2)


We have a split tunnel using IPSEC to access our internal network. The access list for the tech group is pretty simple:


access-list xxxx extended permit ip 10.0.0.0 255.0.0.0 10.100.10.0 255.255.255.0
access-list xxxx extended permit ip 192.168.0.0 255.255.0.0 10.100.10.0 255.255.255.0
access-list xxxx extended permit ip 172.16.0.0 255.240.0.0 10.100.10.0 255.255.255.0


This gives us access to all our internal network servers etc


The internal address for the ASA is on the 192.168.0.0. We can get to everything on this network except the ASA. Both SSH and CiscoASDM fails.


I would have thought that since since the ASA is covered by the 192.168.0.0 and thus be able to gain access??

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
olivier.jessel Fri, 05/21/2010 - 08:11
User Badges:

Hi,


Have you configured ssh/asdm access for this IP source 10.100.10.0/24 ?

dont forget the packet is coming from the outside interface. (or another one, depends of your network)

I don't remember if I configured it... If I have some time I will test it.


++

Olivier

gginty Fri, 05/21/2010 - 08:33
User Badges:

Thanks


We got the SSH to work, but still having problems connecting via ASDM

Federico Coto F... Fri, 05/21/2010 - 09:40
User Badges:
  • Green, 3000 points or more

Ok, if you're connecting via SSH that means you have the command: management-access inside

that allows remote connectivity to the inside interface from a VPN tunnel.


Seems you're still having problems connecting via ASDM?

Question

Are you attempting to connect to the inside IP address through the tunnel and bring up ASDM? If so do you have the pool of VPN addresses allowed in the http access?


Federico.

Actions

This Discussion