Solved: TCP flow intercept when telnetting to ASA on a VPN connection

David.Pellat · ‎12-13-2007

Hi,

I have deployed a asa5510. It is connected to the internet on it's outside interface. I can connect to the FW when i have a VPN connection and i can connect to the FW using the ASDM. I cannot access the FW via Telnet to the inside interface. I get a message in the Logs saying: Flow terminated by TCP intercept. There are the correct rules permitting this connection on the FW. Also i can telnet through the FW to other devices but just not to the FW itself.

amritpatek · ‎12-20-2007

To access the inside interface of the ASA through Telnet (over an IPSec tunnel), management access on the inside interface is needed. These rights must include access to the remote networks in the local ASA Telnet commands. To configure this access, issue the management-access inside command on the ASA. The management-access mgmt_if command helps to define an internal management interface with the IP address of the ASA interface specified.

View solution in original post

amritpatek · ‎12-20-2007

To access the inside interface of the ASA through Telnet (over an IPSec tunnel), management access on the inside interface is needed. These rights must include access to the remote networks in the local ASA Telnet commands. To configure this access, issue the management-access inside command on the ASA. The management-access mgmt_if command helps to define an internal management interface with the IP address of the ASA interface specified.