Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA/CSC SSM Remote Management Question

Hi,

I've configured the CSC SSM on the ASA to be a part of Internal Network (192.168.x.x) and it is able to connect to the internet and working fine. I've also allowed remote management on the External Interface facing the Internet, and am able to connect into the box and run the ASDM. However, when I try to start the CSC Management module, I am unable to open it. It gives an error, saying could not open <URL with 192.168.x.x> address. I would like to know how I would be able to work around this issue. I have spare Public IPs but am not sure how exactly a NAT would resolve this problem. Thanks in advance.

  • Firewalling
1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: ASA/CSC SSM Remote Management Question

Ajay,

ASDM will try to connect to the IP address assigned to the CSC, your options would be to VPN into the private network or create a static NAT entry that maps the internal 192.168.x.x address to a routable address that can be accessed from the external network. Then when connecting to the CSC you will get a dialog that asks what IP to use when connecting to the CSC, choose the radio button that will allow you to enter an IP that differs from the IP configured.

Once a static NAT entry is setup you may also connect directly to the CSC by using the externally accessible IP address as so:

https://:8443

Keep in mind that allowing external configuration of your firewall is not considered a good security practice.

Thanks

Ryan

3 REPLIES
New Member

Re: ASA/CSC SSM Remote Management Question

Ajay,

ASDM will try to connect to the IP address assigned to the CSC, your options would be to VPN into the private network or create a static NAT entry that maps the internal 192.168.x.x address to a routable address that can be accessed from the external network. Then when connecting to the CSC you will get a dialog that asks what IP to use when connecting to the CSC, choose the radio button that will allow you to enter an IP that differs from the IP configured.

Once a static NAT entry is setup you may also connect directly to the CSC by using the externally accessible IP address as so:

https://:8443

Keep in mind that allowing external configuration of your firewall is not considered a good security practice.

Thanks

Ryan

New Member

Re: ASA/CSC SSM Remote Management Question

Thanks Ryan for your comments. I've another question regarding the features of CSC TrendMicro InterScan. However, I do not know if this is the right forum to ask.

New Member

Re: ASA/CSC SSM Remote Management Question

Feel free to send me an email with your questions.

Thanks

Ryan

236
Views
0
Helpful
3
Replies