cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
329
Views
0
Helpful
2
Replies

CiscoWorks access on ASA box on end of the IPSec tunnel

pslavkovsky
Level 1
Level 1

Hi,

I have Cisco Security Manager (CSM).

I have 2 boxes ASA. IPSec L2L tunnel is created between ASAs (between outside interfaces)

Cisco Security Manager is connected to first ASA. First ASA is managed by Cisco Security Manager, it is OK. But I have problem to get second ASA (ASA on end of IPSec tunnel) to CSM. CSM do not communicate with IP address on outside interface - on this IP address is ended IPSec tunnel and CSM does not communicate with other interfaces of ASA too.

Is It possible to communicate from CSM to ASA box over IPSec tunnel when IPSec tunnel is ended on this ASA box?

Thanks

Peter

2 Replies 2

acomiskey
Level 10
Level 10

For that traffic to cross the tunnel, the traffic must be defined in your crypto and nat exemption acl's.

Local ASA

access-list extended permit ip host host

access-list extended permit ip host host

Remote ASA

access-list extended permit ip host host

Traffic is included in tunnel, there is no problem.

My question is:

On which interface of remote ASA will connect CSM?

Peter

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: