07-06-2010 01:34 PM
I would like to be able to administer the ASA 5505 from another site, which is linked via a site to site Ipsec LAN.
How do I enable this feature?
Solved! Go to Solution.
07-06-2010 01:56 PM
Hi,
You can administer an ASA remotely by using the public IP (via the Internet), or via the tunnel by reaching the private IP.
You can reach the private IP by enabling the command:
management-access inside
Then you can access the ASA by its private IP via CLI or GUI.
Federico.
07-06-2010 01:56 PM
You have to let the asa know from which interface you may manage the asa via vpn.
check out the commando "management-access".
if you want to configure your remote asa on his inside interface, you configure: "management-access inside"
Also check your acl and nat.
07-06-2010 01:56 PM
Hi,
You can administer an ASA remotely by using the public IP (via the Internet), or via the tunnel by reaching the private IP.
You can reach the private IP by enabling the command:
management-access inside
Then you can access the ASA by its private IP via CLI or GUI.
Federico.
07-06-2010 02:59 PM
Right - so that I have it clear in my mind
ASA I want to access at Site A - the "inside" network and ip address is 192.168.30.1
The site from which I am connecting is one the 192.168.1.1
So..
On the ASA I issue the managment-access inside command
and then I simply add the 192.168.1.1 address to the list of sites from which I am allowed to connect? I can then connect via the VPN link?
07-06-2010 03:34 PM
Correct.
Assuming the ASA allows the management access from the IP that you're coming from.
Federico.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: