10-30-2014 01:40 PM - edited 02-21-2020 05:19 AM
Hi. Is there any way to access the ASA CX module by HTTPS from the inside network (inside interface) on the ASA firewall? I can access the CX by HTTPS via the management interface but I want to use the inside interface like the ASA management. What is the trick to get this working?
btw. I did try to remove nameif from the management interface but still no access from the inside interface.
10-30-2014 10:29 PM
No, you cannot do what you are asking. The CX software module requires you use the physical management interface and assign it an IP address.
If you aren't also using that physical interface for ASA management, the CX could use an address from the same subnet as the ASA's inside interface. However it still needs to be on the physical management interface.
11-03-2014 12:55 PM
I remember having issues trying to access the CX module from the inside network and also not being able to go online from my NMS or ASA/CX (for updates) that is in the management VLAN. What I figured was an issue with the way the mgmt interface is now classified.
Putting a static route on the ASA for my management VLAN to go out the inside ASA interface fixed my issue.
BTW I access my CX from the inside network with the mgmt IP address.
ASA ver 9.2(2)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide