SSH to remote VPN site via Site to Site VPN ASA 8.4(5)
I presently have a Cisco ASA 5520 running 8.4(5) connected to another Cisco ASA 5505 running 8.4(5). I can ping and communicate to any object on the remote network. I have SSH configured on the Cisco ASA 5505. If I am on a system connecting to the Cisco ASA 5505 via SSH and I am on the remote network I can communicate with no problem. If I try to communicate to the Cisco 5505 from private network on the Cisco ASA 5520 I cannot communicate. I have been reading the security on the 8.4(5) works differently than the 8.2 or 8.3 for this particular situation. I have been doing hours of research and cannot find any proper solutions to resolving the configuration properly.
I found my problem so I am posting what I found. This website was very helpful:
On the 8.4 you need to make sure you have management-access inside configured. For anyone that is new simple
# management-access inside
Once you have the tunnels properly working with NAT and the crypto tunnels, in the 8.4, allow SSH with the networks you want to access from and then make sure you have management-access inside. This will allow you to ping and manage the firewall via the inside interface from the host VPN tunnel.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :