ASDM access issue on outside interface

pmahesh01
Level 1

Hello,


I have just migrated from a PIX 6.3 to an ASA 9.1(1); everything seems to work fine except for ASDM access from the outside interface. I am able to get ASDM access from the inside interface.

Strangely, I see accepted packets in the logging, but when I telnet to the outside interface on port 443 I am unable to connect (I am telneting from a public IP).

Has anyone faced similar issues?


interface GigabitEthernet0/0
 nameif outside
 security-level 0
 ip address XX.XX.XX.145 255.255.255.248 
!
interface GigabitEthernet0/1
 nameif inside
 security-level 100
 ip address 192.168.105.1 255.255.255.0 
!

access-list outside_access_in extended permit tcp any object 192.168.105.210 eq 3389 
access-list outside_access_in extended permit tcp any object 192.168.105.220 eq 3389 
access-list outside_access_in extended permit tcp any object 192.168.30.31 eq 502 
access-list outside_access_in extended permit tcp any object 192.168.105.109 eq www 
access-list outside_access_in extended permit tcp any object 192.168.105.109 eq https 
access-list outside_access_in extended permit tcp any object 172.16.105.10 eq smtp 
access-list outside_access_in extended permit tcp any object 172.16.105.10 eq 8000 
access-list outside_access_in extended permit tcp any object XX.XX.XX.145 (outside interface IP) eq https 
access-list DMZ_access_in extended permit tcp object SMTPGW-DMZ any eq domain 
access-list DMZ_access_in extended permit tcp object SMTPGW-DMZ any eq www 
access-list DMZ_access_in extended permit object HTTPS object SMTPGW-DMZ any 
access-list DMZ_access_in extended permit tcp object SMTPGW-DMZ any eq smtp 
access-list DMZ_access_in extended permit ip any any 
access-list inside_access_in extended permit ip any any inactive 
access-list outside_cryptomap extended permit ip object-group DM_INLINE_NETWORK_3 object-group DM_INLINE_NETWORK_4 
access-list spiclient_splitTunnelAcl standard permit 192.168.105.0 255.255.255.0 
access-list spiclient_splitTunnelAcl standard permit 192.168.30.0 255.255.255.0 
access-list ININSIDE extended permit ip 192.168.105.0 255.255.255.0 172.16.105.0 255.255.255.0 
access-list ININSIDE extended permit ip 192.168.105.0 255.255.255.0 192.168.106.0 255.255.255.0 
access-list ININSIDE extended permit ip 192.168.105.0 255.255.255.0 192.168.107.0 255.255.255.0 
access-list ININSIDE extended permit ip 192.168.105.0 255.255.255.0 192.168.255.0 255.255.255.0 
access-list ININSIDE extended permit udp any any eq domain 
access-list ININSIDE extended permit tcp any any eq www 
access-list ININSIDE extended permit tcp any any eq 8080 
access-list ININSIDE extended permit tcp any any eq https 
access-list ININSIDE extended permit tcp any any eq ftp-data 
access-list ININSIDE extended permit tcp any any eq ftp 
access-list ININSIDE extended permit tcp any any eq telnet 
access-list ININSIDE extended permit tcp any any eq 1863 
access-list ININSIDE extended permit tcp any any eq 5050 
access-list ININSIDE extended permit tcp any any eq 3389 
access-list ININSIDE extended permit tcp any any eq 995 
access-list ININSIDE extended permit tcp any any eq 1227 
access-list ININSIDE extended permit udp any any eq 1227 
access-list ININSIDE extended permit ip host 192.168.105.73 any 
access-list ININSIDE extended permit ip host 192.168.105.71 any 
access-list ININSIDE extended permit udp any any eq isakmp 
access-list ININSIDE extended permit udp any eq isakmp any 
access-list ININSIDE extended permit esp any any 
access-list ININSIDE extended permit udp any any eq 4500 
access-list ININSIDE extended permit udp any eq 4500 any 
access-list ININSIDE extended permit udp any any eq ntp 
access-list ININSIDE extended permit tcp any any eq 123 
access-list ININSIDE extended permit tcp any eq 123 any 
access-list ININSIDE extended permit udp any eq ntp any 
access-list ININSIDE extended permit tcp any any eq pop3 
access-list ININSIDE extended permit ip host 192.168.105.254 any 
access-list ININSIDE extended permit tcp any any eq smtp 
access-list ININSIDE extended permit tcp any any eq 6901 
access-list ININSIDE extended permit udp any any eq 6901 
access-list ININSIDE extended permit udp any any eq 6801 
access-list ININSIDE extended permit udp any any range 2001 2120 
access-list ININSIDE extended permit tcp any any range 6891 6900 
access-list ININSIDE extended permit tcp any any eq 7001 
access-list ININSIDE extended permit udp any any eq 7001 
access-list ININSIDE extended permit udp any any eq discard 
access-list ININSIDE extended permit tcp any any range 5000 65535 
access-list ININSIDE extended permit udp any any range 5000 65535 
access-list ININSIDE extended permit tcp any any eq 5061 
access-list ININSIDE extended permit tcp any any eq 502 
access-list ININSIDE extended permit icmp any any 
access-list ININSIDE extended permit tcp any any eq domain 
access-list ININSIDE extended permit ip 192.168.105.0 255.255.255.0 192.168.100.0 255.255.255.0 
access-list ININSIDE extended permit tcp any any eq imap4 
access-list ININSIDE extended permit tcp any any eq 843 

nat (inside,outside) source static 192.168.105.0_24 192.168.105.0_24 destination static 192.168.106.0_24 192.168.106.0_24 no-proxy-arp route-lookup
nat (inside,outside) source static 192.168.105.0_24 192.168.105.0_24 destination static 192.168.107.0_24 192.168.107.0_24 no-proxy-arp route-lookup
nat (inside,outside) source static 192.168.105.0_24 192.168.105.0_24 destination static 172.16.105.0_24 172.16.105.0_24 no-proxy-arp route-lookup
nat (inside,outside) source static 192.168.105.0_24 192.168.105.0_24 destination static 192.168.255.0_24 192.168.255.0_24 no-proxy-arp route-lookup
nat (inside,outside) source static 192.168.105.0_24 192.168.105.0_24 destination static 192.168.100.0_27 192.168.100.0_27 no-proxy-arp route-lookup
nat (inside,outside) source static 192.168.30.0_24 192.168.30.0_24 destination static 192.168.100.0_27 192.168.100.0_27 no-proxy-arp route-lookup
nat (inside,outside) source static 192.168.50.0_24 192.168.50.0_24 destination static 192.168.100.0_27 192.168.100.0_27 no-proxy-arp route-lookup
nat (inside,outside) source static 192.168.60.0_24 192.168.60.0_24 destination static 192.168.100.0_27 192.168.100.0_27 no-proxy-arp route-lookup
nat (inside,outside) source static 192.168.105.0_24 192.168.105.0_24 destination static 192.168.100.192_26 192.168.100.192_26 no-proxy-arp route-lookup
nat (inside,outside) source static DM_INLINE_NETWORK_5 DM_INLINE_NETWORK_5 destination static NETWORK_OBJ_192.168.255.0_24 NETWORK_OBJ_192.168.255.0_24 no-proxy-arp route-lookup
nat (DMZ,outside) source static 172.16.105.0_24 172.16.105.0_24 destination static 192.168.105.0_24 192.168.105.0_24 no-proxy-arp route-lookup
nat (DMZ,outside) source static 172.16.105.0_24 172.16.105.0_24 destination static 192.168.255.0_24 192.168.255.0_24 no-proxy-arp route-lookup
nat (inside,outside) source static 192.168.105.210 interface service TCP_3389 TCP_3389
nat (inside,outside) source static 192.168.105.220 interface service TCP_3389 TCP_6500
nat (inside,outside) source static 192.168.30.31 XX.XX.XX.149 service TCP_502 TCP_502
nat (inside,outside) source static 192.168.105.109 SMTP_PUBLIC service HTTP HTTP
nat (inside,outside) source static 192.168.105.109 SMTP_PUBLIC service HTTPS HTTPS
nat (inside,outside) source static 192.168.105.7 SMTP_PUBLIC service TCP_3389 TCP_6501
nat (DMZ,outside) source static 172.16.105.10 XX.XX.XX.150 service TCP_8000 TCP_8000
nat (DMZ,outside) source static 172.16.105.10 SMTP_PUBLIC service SMTP SMTP
nat (DMZ,outside) source dynamic SMTPGW-DMZ SMTP_PUBLIC
nat (inside,outside) source dynamic DIP_LAN interface
access-group outside_access_in in interface outside
access-group ININSIDE in interface inside
access-group DMZ_access_in in interface DMZ
route outside 0.0.0.0 0.0.0.0 XX.XX.XX.148 1

http server enable
http 0.0.0.0 0.0.0.0 inside
http 0.0.0.0 0.0.0.0 outside
http 0.0.0.0 0.0.0.0 management


5 Replies

Marvin Rhoads
Hall of Fame

Mahesh,

Telnet, even on port 443, is not a good test because the ASA does not allow telnet protocol into the lowest security level interface.

Please verify you have the 3DES-AES license active ("show ver | i AES") and that you have strong ciphers enabled ("show ssl"). For the latter we look for 3DES or AES ciphers to be among the enabled ones. If they are not, then enable them with "ssl encryption aes256-sha1 aes128-sha1 3des-sha1".
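As an added example (not from this thread or from Cisco), the following Python check parses the output of the two commands named above and reports whether the 3DES-AES license and a 3DES/AES cipher are present, which is what ASDM's HTTPS session needs to negotiate. The sample output is constructed to mirror the output posted later in this thread with the hostname replaced; the split of ciphers into "strong" and "weak" sets, and the flagging of SSLv2/SSLv3 as legacy, are the example's own assumptions.

```python
import re

# Cipher names as they appear in ASA "show ssl" output. Which ones count as
# strong or weak is this example's own classification, not Cisco's; the thread
# only asks that 3DES or AES ciphers be among the enabled ones.
STRONG_CIPHERS = {"3des-sha1", "aes128-sha1", "aes256-sha1",
                  "dhe-aes128-sha1", "dhe-aes256-sha1"}
WEAK_CIPHERS = {"des-sha1", "rc4-md5", "rc4-sha1", "null-sha1"}
LEGACY_PROTOCOLS = {"SSLv2", "SSLv3"}

# Constructed sample, modelled on the "show ver | i AES" and "show ssl" output
# quoted in this thread (hostname is a placeholder).
SAMPLE_OUTPUT = """\
ASA-FW# show version | i AES
Encryption-3DES-AES               : Enabled        perpetual
ASA-FW# show ssl
Accept connections using SSLv2, SSLv3 or TLSv1 and negotiate to SSLv3 or TLSv1
Start connections using SSLv3 and negotiate to SSLv3 or TLSv1
Enabled cipher order: 3des-sha1 aes128-sha1
Disabled ciphers: des-sha1 rc4-md5 rc4-sha1 aes256-sha1 dhe-aes128-sha1 dhe-aes256-sha1 null-sha1
No SSL trust-points configured
Certificate authentication is not enabled
"""


def parse_ssl_status(text):
    """Pull the fields relevant to ASDM/HTTPS access out of the CLI output."""
    info = {"license_3des_aes": False, "enabled": [], "disabled": [],
            "accept_protocols": []}
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("Encryption-3DES-AES"):
            info["license_3des_aes"] = "Enabled" in line.split(":", 1)[1]
        elif line.startswith("Enabled cipher order:"):
            info["enabled"] = line.split(":", 1)[1].split()
        elif line.startswith("Disabled ciphers:"):
            info["disabled"] = line.split(":", 1)[1].split()
        elif line.startswith("Accept connections using"):
            # Only the "accept" half of the sentence lists what clients may offer.
            accept_part = line.split(" and ")[0]
            info["accept_protocols"] = re.findall(r"SSLv\d|TLSv\d(?:\.\d)?", accept_part)
    return info


def audit_ssl(text):
    """Return findings and, where the strong-cipher check fails, the remediation
    command given in this thread."""
    info = parse_ssl_status(text)
    strong = [c for c in info["enabled"] if c in STRONG_CIPHERS]
    weak = [c for c in info["enabled"] if c in WEAK_CIPHERS]
    legacy = [p for p in info["accept_protocols"] if p in LEGACY_PROTOCOLS]
    findings = {
        "license_ok": info["license_3des_aes"],
        "strong_enabled": strong,
        "weak_enabled": weak,
        "legacy_protocols_accepted": legacy,
        # ASDM over HTTPS needs the license and at least one 3DES/AES suite.
        "asdm_https_ok": info["license_3des_aes"] and bool(strong),
        "remediation": [],
    }
    if not info["license_3des_aes"]:
        findings["remediation"].append("activate the 3DES-AES license")
    if not strong:
        findings["remediation"].append("ssl encryption aes256-sha1 aes128-sha1 3des-sha1")
    return findings


if __name__ == "__main__":
    for key, value in audit_ssl(SAMPLE_OUTPUT).items():
        print(f"{key}: {value}")
```

On the sample above the check passes (license present, 3des-sha1 and aes128-sha1 enabled), which matches the conclusion in the thread that the SSL side was not the problem; it still lists SSLv2 and SSLv3 as accepted, which is worth noting on a management interface exposed to the outside even when it is not the cause of the fault.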

Hello Marvin, 

Thanks for the reply. I have verified the above and all required parameters are enabled.

SPI-FW# sho version | i AES
Encryption-3DES-AES               : Enabled        perpetual
SPI-FW# sh ssl
Accept connections using SSLv2, SSLv3 or TLSv1 and negotiate to SSLv3 or TLSv1
Start connections using SSLv3 and negotiate to SSLv3 or TLSv1
Enabled cipher order: 3des-sha1 aes128-sha1
Disabled ciphers: des-sha1 rc4-md5 rc4-sha1 aes256-sha1 dhe-aes128-sha1 dhe-aes256-sha1 null-sha1
No SSL trust-points configured
Certificate authentication is not enabled


Below are some capture logs I have collected.


   1: 08:50:47.525683(My Public) XX.XX.48.154.64514 >(ASA outside int) AA.BB.CC.145.443: S 1504497065:1504497065(0) win 8192 <mss 1452,nop,wscale 2,nop,nop,sackOK>
   2: 08:50:47.525897       AA.BB.CC.145.443 > XX.XX.48.154.64514: S 3288262520:3288262520(0) ack 1504497066 win 32768 <mss 1452>
   3: 08:50:47.531756       XX.XX.48.154.64514 > AA.BB.CC.145.443: R 1504497066:1504497066(0) win 0
   4: 08:50:50.521350       XX.XX.48.154.64514 > AA.BB.CC.145.443: S 1504497065:1504497065(0) win 8192 <mss 1452,nop,wscale 2,nop,nop,sackOK>
   5: 08:50:50.521503       AA.BB.CC.145.443 > XX.XX.48.154.64514: S 4268904558:4268904558(0) ack 1504497066 win 32768 <mss 1452>
   6: 08:50:50.527377       XX.XX.48.154.64514 > AA.BB.CC.145.443: R 1504497066:1504497066(0) win 0
   7: 08:50:56.521671       XX.XX.48.154.64514 > AA.BB.CC.145.443: S 1504497065:1504497065(0) win 8192 <mss 1452,nop,nop,sackOK>
   8: 08:50:56.521793       AA.BB.CC.145.443 > XX.XX.48.154.64514: S 4276582576:4276582576(0) ack 1504497066 win 32768 <mss 1452>
   9: 08:50:56.527423       XX.XX.48.154.64514 > AA.BB.CC.145.443: R 1504497066:1504497066(0) win 0


I see a RESET being sent immediately after the SYN-ACK. Not sure why this is happening; could there be some issue with my NAT which is causing this behaviour?
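The capture above shows the same sequence three times: SYN in, SYN-ACK out from the ASA, RST back within a few milliseconds, then a retry. The following is an added example, not from this thread or from Cisco, that parses ASA "show capture" text and classifies each client handshake as completed, reset or unanswered, so this pattern stands out in a larger capture. The packet lines are constructed from the ones posted above with RFC 5737 documentation addresses in place of the redacted ones (203.0.113.154 for the client, 198.51.100.145 for the ASA outside interface); packets 10-12 are an added healthy handshake for contrast.

```python
import re
from datetime import datetime

# Constructed sample in ASA "show capture" line format, modelled on the capture
# in this thread. Addresses are documentation placeholders, not real hosts.
SAMPLE_CAPTURE = """\
   1: 08:50:47.525683       203.0.113.154.64514 > 198.51.100.145.443: S 1504497065:1504497065(0) win 8192 <mss 1452,nop,wscale 2,nop,nop,sackOK>
   2: 08:50:47.525897       198.51.100.145.443 > 203.0.113.154.64514: S 3288262520:3288262520(0) ack 1504497066 win 32768 <mss 1452>
   3: 08:50:47.531756       203.0.113.154.64514 > 198.51.100.145.443: R 1504497066:1504497066(0) win 0
   4: 08:50:50.521350       203.0.113.154.64514 > 198.51.100.145.443: S 1504497065:1504497065(0) win 8192 <mss 1452,nop,wscale 2,nop,nop,sackOK>
   5: 08:50:50.521503       198.51.100.145.443 > 203.0.113.154.64514: S 4268904558:4268904558(0) ack 1504497066 win 32768 <mss 1452>
   6: 08:50:50.527377       203.0.113.154.64514 > 198.51.100.145.443: R 1504497066:1504497066(0) win 0
   7: 08:50:56.521671       203.0.113.154.64514 > 198.51.100.145.443: S 1504497065:1504497065(0) win 8192 <mss 1452,nop,nop,sackOK>
   8: 08:50:56.521793       198.51.100.145.443 > 203.0.113.154.64514: S 4276582576:4276582576(0) ack 1504497066 win 32768 <mss 1452>
   9: 08:50:56.527423       203.0.113.154.64514 > 198.51.100.145.443: R 1504497066:1504497066(0) win 0
  10: 08:51:02.100000       203.0.113.77.51000 > 198.51.100.145.443: S 100:100(0) win 8192 <mss 1452>
  11: 08:51:02.100200       198.51.100.145.443 > 203.0.113.77.51000: S 200:200(0) ack 101 win 32768 <mss 1452>
  12: 08:51:02.105000       203.0.113.77.51000 > 198.51.100.145.443: . ack 201 win 8192
"""

# "<n>: <hh:mm:ss.usec> <src>.<sport> > <dst>.<dport>: <flags> <rest>"
LINE_RE = re.compile(
    r"^\s*(?P<n>\d+):\s+(?P<ts>\d{2}:\d{2}:\d{2}\.\d+)\s+"
    r"(?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+)\s+>\s+"
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+):\s+"
    r"(?P<flags>[SRFP.]+)\s*(?P<rest>.*)$"
)


def parse_capture(text):
    """Parse capture lines into dicts; lines that do not match the format are skipped."""
    packets = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        packets.append({
            "n": int(m["n"]),
            "t": datetime.strptime(m["ts"], "%H:%M:%S.%f"),
            "src": m["src"], "sport": int(m["sport"]),
            "dst": m["dst"], "dport": int(m["dport"]),
            "flags": m["flags"],
            # tcpdump-style output prints " ack <num>" only when the ACK flag is set
            "ack": " ack " in f" {m['rest']} ",
        })
    return packets


def analyze_handshakes(packets, max_gap_ms=100):
    """Walk packets in order and classify each client SYN. A client-side RST that
    arrives only milliseconds after the SYN-ACK, on every retry, shows the ASA did
    answer; the rejection comes from the client stack or from a device in the path
    (in this thread, an ISP router doing policy-based routing)."""
    pending = {}            # client 4-tuple -> handshake state
    aborted, completed = [], 0
    for p in packets:
        fwd = (p["src"], p["sport"], p["dst"], p["dport"])
        rev = (p["dst"], p["dport"], p["src"], p["sport"])
        if p["flags"] == "S" and not p["ack"]:
            pending[fwd] = {"stage": "syn", "syn": p["n"]}
        elif p["flags"] == "S" and p["ack"] and pending.get(rev, {}).get("stage") == "syn":
            pending[rev].update(stage="synack", synack=p["n"], synack_t=p["t"])
        elif pending.get(fwd, {}).get("stage") == "synack":
            state = pending.pop(fwd)
            if "R" in p["flags"]:
                gap_ms = (p["t"] - state["synack_t"]).total_seconds() * 1000
                aborted.append({
                    "client": f"{p['src']}:{p['sport']}",
                    "server": f"{p['dst']}:{p['dport']}",
                    "syn": state["syn"], "synack": state["synack"], "rst": p["n"],
                    "gap_ms": round(gap_ms, 3),
                    "immediate": gap_ms <= max_gap_ms,
                })
            elif p["ack"]:
                completed += 1   # third packet of the handshake seen
    unanswered = sum(1 for s in pending.values() if s["stage"] == "syn")
    return {"aborted": aborted, "completed": completed, "unanswered": unanswered}


def summarize(result):
    """One-line verdict for the pattern seen in this thread."""
    immediate = [a for a in result["aborted"] if a["immediate"]]
    if immediate and len(immediate) == len(result["aborted"]):
        worst = max(a["gap_ms"] for a in immediate)
        return (f"{len(immediate)} handshake(s) answered with SYN-ACK and reset within "
                f"{worst} ms: the ASA is listening, check the path to the client")
    return (f"{result['completed']} completed, {len(result['aborted'])} reset, "
            f"{result['unanswered']} unanswered")


if __name__ == "__main__":
    result = analyze_handshakes(parse_capture(SAMPLE_CAPTURE))
    for a in result["aborted"]:
        print(f"pkt {a['syn']}/{a['synack']}/{a['rst']} {a['client']} -> {a['server']}: RST after {a['gap_ms']} ms")
    print(summarize(result))
```

Because the 4-tuple state is keyed on the client side, the same function also tells unanswered SYNs (the ASA never replied: ACL, NAT or "http" command problem) apart from reset ones (the ASA replied and something else tore the session down), which is the distinction that pointed the thread away from the ASA configuration.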


Mahesh,

What address is SMTP_PUBLIC using? Hopefully not the outside interface.

Hi Marvin,


Just figured out the issue; there were no problems in the ASA configuration. There is an ISP router where PBR is configured so that web traffic is redirected to the ADSL line. I just had to add an exception in the access list to get ASDM working. Thank you for your inputs.

Thanks for letting us know the resolution.

Not receiving the traffic will definitely cause communication to fail to establish. :)
