Hello Colleagues,
Because of end of life, I had to replace some of our Cisco ASA 5520s, which ran the 8.4.2 image, with new-generation 5525-X devices. There I ran into the problem that the box rebooted for no apparent reason after around one and a half days. So I got the information from Cisco TAC to use the IOS 9.7(1)2 image. So far OK, the boxes run stable now.
We use L2TP from our PC clients to connect to the ASA, which also works well so far.
It is no problem to do, for example, an RDP session to a company-internal resource from a remote access client.
But it is impossible to reach a remote access client from our company-internal LAN, for example by RDP or an FTP server running on the remote access client. On the other hand, it is no problem to reach the remote access client by ICMP from the internal LAN.
I need this problem urgently solved... and I checked all the parameters and could not find the reason for that behavior.
When I did a packet trace at the remote access client, I saw the traffic coming in there, a SYN to port 3389, and the client also sent a SYN-ACK packet back. But this packet never arrives at the company-internal client.
On the ASA it is set up that VPN traffic should bypass any access lists (sysopt connection permit-vpn).