Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
239
Views
0
Helpful
1
Replies

Traffic through management interface of ASA

wim_depauw
Level 1
Level 1

‎03-02-2006 02:17 AM - edited ‎02-21-2020 12:44 AM

Hi,

We have a VPN tunnel between an ASA and cisco IOS router (remote site IP 10.14.0.0. /16 ).

We would like to monitor the remote site hosts from our management segment.

Our management segment is separated from the ASA via a Checkpoint FW.

Management interface : 10.0.252.1 /29

Management subnet : 62.233.5.0 /24

Pinging from a host on the network 10.0.252.x to 10.14.0.0 /16 works fine but when we try to ping from 62.223.5.0 to 10.14.0.0 /16 it fails.

I did a capture on the management interface and I see my packets coming in. Also my acl shows a hit on the ICMP packets .I also enabled logging on this ACL but in my logging I don't see anything.

It seems that the ASA justs drop the packets....

My question is : Had anybody had this problem before ? Can a management interface route any traffic or will he just drop it ?

PS: It is possible to configure the management interface for management-only but I disabled this .

gr

wim

0 Helpful
1 Reply 1

ebreniz
Level 6
Level 6

‎03-08-2006 06:58 AM

Try using Advanced Security Device Manager .

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00804619d8.shtml

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card