Transfer ASDM image to ASA over anyconnect VPN connection
I'm fairly new to the ASA firewalls. My previous firewall experience is on a different vendor firewall. I'm working with an ASA 5515-X running ASA 915 and ASDM 713. I am connecting from Windows 8 and therefore need to upgrade the ASDM to 731. I have done this before no problem. My issue with this particular upgrade is I really need to upload the image over a VPN connection. I cannot setup a NAT on my end to allow the ASA to connect to my public IP - so I can connect to the ASA via anyconnect. I can SSH into the ASA's public IP (for now) but I obviously cannot transfer the asdm image over my public IP b/c I have no NAT on my end. So I connect my PC to the anyconnect service and get a VPN IP. I need to issue the command:
I agree that the original problem looks like FTP permissions issue. Troubleshooting that would be a way to solve this.
I wonder about the suggestion to use a jump host in the lan. I agree that using ASDM is an easier way to solve this issue. But I would think that running ASDM from the AnyConnect session should work (assuming that the ASA is configured to allow ASDM from the VPN address pool).
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...