03-17-2009 10:10 PM - edited 03-11-2019 08:06 AM
Hi,
After connecting to Cisco Vpn client i m unable to manage my VPN server eventhough i have made a policy to access ASA after vpn connceted,but no result has come ,other policies working properly.Thru Same Vpn client i am not able to access Cisco ASA 5510 VPN server.
Kindly provide solution.
Tnks
Ramu
03-18-2009 05:37 AM
Let's see if I understand your question correctly: You use a Cisco VPN Client to connect to a ASA5510. But you found out that you cannot open a manegement connection to the outside ór inside of the ASA when you have a VPN connection.
If you have a VPN tunnel with no split-tunneling configured, then you just can't set up a management connection to the outside interface of the ASA. This can only be done by configuring split-tunnel.
Then only the inside interface of the ASA is left to connect to. This is only possible with the "management-access inside" command is configured in global configuration mode. The inside interface of the ASA cannot be accessed from the outside, unless you configure the "management-access inside" command.
In a nutshell:
- Configure split-tunneling on you VPN Client connection so you can directly connect to the outside interface of the ASA when you have a VPN (less desirable option)
- Configure the management-access command so you can access the inside interface from the ASA when you have a VPN Client connection (more desirable!)
I hope this information helps!
Regards,
Michaël
03-18-2009 08:28 AM
Ramu-
Have you used the "management-access" command to enable management access to an internal interface when connected via VPN?
http://www.cisco.com/en/US/customer/docs/security/asa/asa80/command/reference/m.html#wp1987122
For example:
management-access inside
will allow you to connect to the "inside" IP address when connected via VPN.
-Jon
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: