Is there a way to define a tftp source interface in the same way that a router/switch allows? The problem I am having is that I need to save configuration files from the remote ASA5505 to our main office, as well as upload new code to the 5505, and debugs show that the tftp source address of the ASA5505 comes from the outside (public) interface of the ASA, destine for an internal private address at the main office, via the vpn tunnel. Two problems with this:
1) I do not want to tunnel the outside interface ip address of the ASA5505 through a tunnel. and
2) DSL/Cable ISP's hand out dhcp addy's so I could not easily make a an interesting vpn traffic acl if the outside interface ip frequently changes.
One other similar problem I found is that I cannot ping from the remote ASA5505 to devices in our main office. Pings do work fine though for devices behind the ASA5505 to devices behind our main office ASA5540.
Similarly, I have problems with NTP and tacacs+. I believe all four problems are related to the same issue because they each attempt to use the outside ip address for the default source address.
Some assistance with an explanation (and not just a url link) would be helpful.