I do not know yet exactly what your issue is, but here are some thoughts and suggestions to help solve it.
First I would like to verify that telnet to the router works if you are on the inside of the network. I have seen routers configured to use SSH for remote access which would refuse telnet access. I kind of doubt that this is the issue. But since we do not know your environment, this is the first question that I would ask.
You say that you establish the tunnel and can browse etc to things on the network. Can you verify that you can ping to the address on the router that you are attempting to telnet to? This will establish that the problem is not basic IP connectivity issues.
Assuming that the ping is successful, the next thing that I would suggest checking is whether the router allows incoming telnet on the VPN connection. Look at any access lists used to filter traffic on the inbound interface and at the access list used to define the VPN traffic and make sure that any of these lists would not prevent your telnet traffic.
If you find no issue of access lists filtering out your telnet, the next thing that I would check is whether the router has restrictions on who may telnet to it. This would be with an access-class configured under the vty ports. Check to see if the router has an access-class configured on its vty ports. And if it does look to see if your address is permitted in the access list that the access-class points to.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...