ASA 5525 VPN connects but can't telnet into ASA unless remote to PC on same subnet

Hello EE,
I have a Cisco ASSA5525 on 10.210.x.x network
I can VPN in just fine and get a DHCP address on 10.210.x.x network but cannot telnet into the IP of the Cisco ASA?

I can only telnet into it from RDP into one of the physical machines at the same site as the firewall on the 10.210.x.x network.
I have telnet 0.0.0.0 0.0.0.0 inside but is the VPN even though connected in really outside?
bergquistcompanyAsked:
Who is Participating?
 
Michael OrtegaConnect With a Mentor Sales & Systems EngineerCommented:
0
 
Michael OrtegaSales & Systems EngineerCommented:
Need no-proxy-arp route-lookup added to the end of your no NAT statement.

MO
0
 
Michael OrtegaSales & Systems EngineerCommented:
For example:

nat (inside,outside) source static NET_INTERNAL NET_INTERNAL destination static NET_VPN_USERS NET_VPN_USERS

should be:

nat (inside,outside) source static NET_INTERNAL_NET NET_INTERNAL_NET destination static NET_VPN_USERS NET_VPN_USERS no-proxy-arp route-lookup

MO
0
Get Cisco Certified in IT Security

There’s a high demand for IT security experts and network administrators who can safeguard the data that individuals, corporations, and governments rely on every day. Pursue your B.S. in Network Operations and Security and gain the credentials you need for this high-growth field.

 
Michael OrtegaSales & Systems EngineerCommented:
Though I'd also mention that you need to be running System software version 8.4.2 or newer.

MO
0
 
bergquistcompanyAuthor Commented:
That worked but why?
0
 
bergquistcompanyAuthor Commented:
awesome thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.