Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

talking to device on different interface...


I have an ASA 5520 and behind it I have my LAN on one interface and a Cisco 3000 VPN Concentrator on another interface.

All connectivity to the vpn concentrator from the outside in works without issue.

However, from within the network I cannot access the webvpn login page. I get a TCP Reset-O everytime I try to connect to it. Currently this is happening with a net exemption rule enabled.

If I disable the NAT exemption rule, I get a "portmap creation failed." I have also tried to set a routing rule to force all traffic from the inside to a router on the outside interface of the asa. That doesn't work either. I get inbound denials when I try to do that.

Is there a way allow me to access the vpn concentrator on the other interface without moving it outside the asa?

CreatePlease to create content