The inside interface of the PIX (also applies to ASA) cannot be accessed from the outside or from the other side of the VPN tunnel unless the management-access is configured. Once management-access is enabled, Telnet, SSH, or HTTP access must still be configured for the desired hosts.
The following allows management access to the inside interface in global configuration mode:
ASA(config)# management-access inside
#update – This command also enables ping access to the INSIDE interface of the VPN. As with SSH/HTTP you must also permit ICMP to the interface before you can get a response