Defining tftp interface for L2L VPN connections on ASA5505's
Is there a way to define a tftp source interface in the same way that a router/switch allows? The problem I am having is that I need to save configuration files from the remote ASA5505 to our main office, as well as upload new code to the 5505, and debugs show that the tftp source address of the ASA5505 comes from the outside (public) interface of the ASA, destine for an internal private address at the main office, via the vpn tunnel. Two problems with this:
1) I do not want to tunnel the outside interface ip address of the ASA5505 through a tunnel. and
2) DSL/Cable ISP's hand out dhcp addy's so I could not easily make a an interesting vpn traffic acl if the outside interface ip frequently changes.
One other similar problem I found is that I cannot ping from the remote ASA5505 to devices in our main office. Pings do work fine though for devices behind the ASA5505 to devices behind our main office ASA5540.
Similarly, I have problems with NTP and tacacs+. I believe all four problems are related to the same issue because they each attempt to use the outside ip address for the default source address.
Some assistance with an explanation (and not just a url link) would be helpful.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...