3 Replies Latest reply: Feb 5, 2012 5:16 PM by William RSS

    ASA behind a bridge router - Remote Access Problem




      This is my scenario


      ISP <-----> Bridge Wireless Radio <----> ASA 5505 <----> LAN


      As mentioned I set the wireless radio into bridge mode so my ASA does the PPPOE job.

      Internet is working fine on internal hosts but...

      The problem is I can't access the ASA from the outside interface ( PPPOE ) although I allowed http outside.

      Remote Access VPN also doesn't work.

      In one word I can't get to ASA from the outside interface.


      In the logs I saw that whenever I try to access the device via ASDM from the outside interface (PPPOE) it says

      Denied ICMP type=3 code 13 from X.X.X.X on the outside interface( which X.X.X.X happens to be remote ip addr of PPPOE Server which is located on the ISP side).

      I have no idea why it should block that IP from accessing the outside interface and subsequently denies me from access the asa on its outside interface.

      I did allow that certain IP(x.x.x.x) by an ACE in the ASA , but no luck


      Any suggestion ?