Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Remote Management Access through VPN on ASA5505 Ver 8.4(4)1

Can’t get the VPN Management access to work.   ASA configured per the Cisco ASA5500 Series Configuration Guide using the CLI Chapter 27 “Information About NAT”  page 27-28

Route-lookup option added to end of nat statement, still no go.   When connected via VPN, can’t ping inside interface or get management access. The remainder of the VPN operates just fine.

same-security-traffic permit intra-interface

management-access inside

object network VPN_LOCAL

subnet 10.152.25.176 255.255.255.240

nat (outside,outside) dynamic interface

object network inside_nw

subnet 10.152.25.128 255.255.255.192

nat (inside,outside) dynamic interface

nat (outside,inside) source static VPN_LOCAL VPN_LOCAL destination static inside_nw inside_nw  route-lookup

Any ideas on what to try next?

Thanks, Pete

1 REPLY
Cisco Employee

Remote Management Access through VPN on ASA5505 Ver 8.4(4)1

Hello Pete,

I checked the info, I believe the ASA is being affected by the following bug.

ICMP to management-access interface through VPN fails

CSCuc58260

It should be fixed on the 8.4.5 release

Do not forget to score the answer if it was helpful.

regards,

Itzcoatl

193
Views
0
Helpful
1
Replies
CreatePlease login to create content