cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
703
Views
0
Helpful
1
Replies

Remote Management Access through VPN on ASA5505 Ver 8.4(4)1

Peter Ives
Level 1
Level 1

Can’t get the VPN Management access to work.   ASA configured per the Cisco ASA5500 Series Configuration Guide using the CLI Chapter 27 “Information About NAT”  page 27-28

Route-lookup option added to end of nat statement, still no go.   When connected via VPN, can’t ping inside interface or get management access. The remainder of the VPN operates just fine.

same-security-traffic permit intra-interface

management-access inside

object network VPN_LOCAL

subnet 10.152.25.176 255.255.255.240

nat (outside,outside) dynamic interface

object network inside_nw

subnet 10.152.25.128 255.255.255.192

nat (inside,outside) dynamic interface

nat (outside,inside) source static VPN_LOCAL VPN_LOCAL destination static inside_nw inside_nw  route-lookup

Any ideas on what to try next?

Thanks, Pete

1 Reply 1

Itzcoatl Espinosa
Cisco Employee
Cisco Employee

Hello Pete,

I checked the info, I believe the ASA is being affected by the following bug.

ICMP to management-access interface through VPN fails

CSCuc58260

It should be fixed on the 8.4.5 release

Do not forget to score the answer if it was helpful.

regards,

Itzcoatl

Review Cisco Networking for a $25 gift card