I have a client who has an ASA-5505 running 8.2(5).  Cisco IS still supporting this firewall for the client because they are large and can pay for it. I've been lobbying to get the firmware updated, but it's still at the same level currently.

This is setup with a Site-to-Site VPN, and up until last night the management server was able to ping the inside interface over the VPN tunnel. Yesterday around 6:00 p.m., the ISP switched us over to a new circuit, and the management was able to reach the inside interface.  At 7:45 p.m., the management server could no longer ping the inside interface over the tunnel, at which time the management server reported the ASA as being down. 

The command "management-access inside" is applied, and the management server can log into the firewall's inside interface over the tunnel using SSH. "icmp permit any inside" is configured. ICMP debugging shows the echo-requests showing up, so the echo-replies are not making it back through. 

Can anyone dust off cobwebs and see if there is something I'm missing? I'll reboot after hours tonight, which I suspect will fix the problem, but until then there may be a workaround.

Thank you.