I am trying to setup a connection to an ASA 5505 inside interface via an IPSEC tunnel.
The reason for this is so that I can manage the ASA via the VPN, as opposed to connecting to the outside/public facing IP address (I also plan to setup our network monitor to poll SNMP on the ASA via the VPN tunnel, so that I can monitor that the VPN is up).
I have assigned the "management-access inside" command to the ASA and am able to ping the ASA inside interface IP via the VPN, however, I am unable to Telnet/SSH/ASDM/https to the ASA.
I have run a syslog debug on the ASA and I can see my telnet/ssh etc. sessions being established on the ASA, via the VPN, but it seems as though the return traffic of the telnet/ssh etc. is not coming back through the VPN, so I am thinking the issue is a routing issue.
I have checked all the usual NAT/ACL/crypto-map settings and it all looks OK, it just seems as though the ASA cannot route back through the VPN from it's inside interface.
For reference, traffic from hosts inside the ASA is going back and forth through the VPN fine.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...