I have an ASA5505 and an ASA5510 successfully set up and running a site-to-site VPN. I can manage (SSH and ASDM) the local ASA without any problems. I'm unsuccessful when trying to manage the remote ASA.
- Should I be connecting to the outside interface or the inside interface on the remote ASA?
- Do I need ACLs to allow the traffic (I've tried and have been unsuccessful)?
Attached you'll find a network diagram for easier analysis.
I'd post the ASA configs but I'm not sure what would be relevant. Any help is much appreciated.
In addition to John's post.
For managing the ASA over an IPsec tunnel you also need management-access
where name_if is whichever management interface you define in your fw.
for example typical scenario
If you are wanting to get access to ssh, try adding your remote IP addresses (the ones that connect to the VPN) to ssh:
Let's say your inside interface on the ASA is 10.0.0.1:
ssh 10.0.0.0 255.255.255.0 inside
If your remote site is 10.50.0.0/24 then add:
ssh 10.50.0.0 255.255.255.0 inside
Let me know if this works :-)
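
An offline check of the two settings the replies above name (management-access on an interface, and an ssh rule on that same interface covering the remote VPN subnet). This is an added example, not code from any poster in the thread; the sample config is constructed from the thread's example subnets, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample config; addresses reuse the thread's example subnets.
SAMPLE_CONFIG = """\
interface Vlan1
 nameif inside
 ip address 10.0.0.1 255.255.255.0
ssh 10.0.0.0 255.255.255.0 inside
ssh 10.50.0.0 255.255.255.0 inside
ssh timeout 5
management-access inside
"""

def parse_mgmt(config):
    """Return (management-access interface or None, {interface: [ssh networks]})."""
    mgmt_if, ssh_rules = None, {}
    for line in config.splitlines():
        tok = line.split()
        if len(tok) == 2 and tok[0] == "management-access":
            mgmt_if = tok[1]
        elif len(tok) == 4 and tok[0] == "ssh":
            try:
                net = ipaddress.ip_network(f"{tok[1]}/{tok[2]}", strict=False)
            except ValueError:
                continue  # other four-word ssh settings are not address rules
            ssh_rules.setdefault(tok[3], []).append(net)
    return mgmt_if, ssh_rules

def vpn_mgmt_problems(config, remote_host):
    """List what is missing for remote_host to SSH to the ASA across the tunnel."""
    mgmt_if, ssh_rules = parse_mgmt(config)
    if mgmt_if is None:
        return ["no management-access interface set"]
    addr = ipaddress.ip_address(remote_host)
    if not any(addr in net for net in ssh_rules.get(mgmt_if, [])):
        return [f"no ssh rule on {mgmt_if} permits {remote_host}"]
    return []

if __name__ == "__main__":
    # Hypothetical admin workstation at the remote site.
    print(vpn_mgmt_problems(SAMPLE_CONFIG, "10.50.0.25") or "ok")
```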