Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

CiscoWorks access on ASA box on end of the IPSec tunnel

Hi,

I have Cisco Security Manager (CSM).

I have 2 boxes ASA. IPSec L2L tunnel is created between ASAs (between outside interfaces)

Cisco Security Manager is connected to first ASA. First ASA is managed by Cisco Security Manager, it is OK. But I have problem to get second ASA (ASA on end of IPSec tunnel) to CSM. CSM do not communicate with IP address on outside interface - on this IP address is ended IPSec tunnel and CSM does not communicate with other interfaces of ASA too.

Is It possible to communicate from CSM to ASA box over IPSec tunnel when IPSec tunnel is ended on this ASA box?

Thanks

Peter

  • Security Management
2 REPLIES
Green

Re: CiscoWorks access on ASA box on end of the IPSec tunnel

For that traffic to cross the tunnel, the traffic must be defined in your crypto and nat exemption acl's.

Local ASA

access-list extended permit ip host host

access-list extended permit ip host host

Remote ASA

access-list extended permit ip host host

New Member

Re: CiscoWorks access on ASA box on end of the IPSec tunnel

Traffic is included in tunnel, there is no problem.

My question is:

On which interface of remote ASA will connect CSM?

Peter

111
Views
0
Helpful
2
Replies
This widget could not be displayed.