https://community.cisco.com/t5/network-security/telnet-and-http-server-for-ipsec-clients/m-p/1550056#M657629 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P></P><P>You can configure 'management-access inside'. That should allow VPN users to access the inside interface for management purposes. Here is the command reference:</P><P></P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/m.html#wp2027985">http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/m.html#wp2027985</A></P><P></P><P>Hope that helps.</P><P></P><P>-Mike</P></BODY></HTML> Tue, 28 Sep 2010 14:44:42 GMT mirober2 2010-09-28T14:44:42Z https://community.cisco.com/t5/network-security/telnet-and-http-server-for-ipsec-clients/m-p/1550055#M657613 <P>Hi,</P><P></P><P>Trying to get telnet and http server available for ipsec clients.This is from my config:</P><P></P><P>http server enable</P><P>http 10.180.1.0 255.255.255.0 inside &lt;-- LAN</P><P>http 10.180.20.0 255.255.255.0 outside &lt;-- VPN pool</P><P></P><P>VPN client can connect to LAN hosts, but not to the LAN asa IP 10.180.1.254. The ASA does not seem to listen to an IP at the vpn pool 10.180.20.0/24 either.</P><P></P><P>What am I missing here?</P> Mon, 11 Mar 2019 18:46:34 GMT https://community.cisco.com/t5/network-security/telnet-and-http-server-for-ipsec-clients/m-p/1550055#M657613 3moloz123 2019-03-11T18:46:34Z https://community.cisco.com/t5/network-security/telnet-and-http-server-for-ipsec-clients/m-p/1550056#M657629 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P></P><P>You can configure 'management-access inside'. That should allow VPN users to access the inside interface for management purposes. Here is the command reference:</P><P></P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/m.html#wp2027985">http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/m.html#wp2027985</A></P><P></P><P>Hope that helps.</P><P></P><P>-Mike</P></BODY></HTML> Tue, 28 Sep 2010 14:44:42 GMT https://community.cisco.com/t5/network-security/telnet-and-http-server-for-ipsec-clients/m-p/1550056#M657629 mirober2 2010-09-28T14:44:42Z https://community.cisco.com/t5/network-security/telnet-and-http-server-for-ipsec-clients/m-p/1550057#M657640 <HTML><HEAD></HEAD><BODY><P>Also, you'll need to update your 'http' and 'telnet' commands to include the IP addresses of the VPN clients.</P><P></P><P>-Mike</P></BODY></HTML> Tue, 28 Sep 2010 14:45:39 GMT https://community.cisco.com/t5/network-security/telnet-and-http-server-for-ipsec-clients/m-p/1550057#M657640 mirober2 2010-09-28T14:45:39Z https://community.cisco.com/t5/network-security/telnet-and-http-server-for-ipsec-clients/m-p/1550058#M657656 <HTML><HEAD></HEAD><BODY><P><SPAN>I already have that, and yet I can't reach </SPAN><A class="jive-link-external-small" href="https://lan_ip_of_asa">https://lan_ip_of_asa</A><SPAN>.</SPAN></P><P>What else could it be?</P></BODY></HTML> Wed, 29 Sep 2010 06:13:38 GMT https://community.cisco.com/t5/network-security/telnet-and-http-server-for-ipsec-clients/m-p/1550058#M657656 3moloz123 2010-09-29T06:13:38Z https://community.cisco.com/t5/network-security/telnet-and-http-server-for-ipsec-clients/m-p/1550059#M657707 <HTML><HEAD></HEAD><BODY><P>Also make sure you have enabled the http server.</P><P>If still you can't connect enable the "http" debugs and sylogs to get more details.</P><P></P><P>PK</P></BODY></HTML> Wed, 29 Sep 2010 18:13:01 GMT https://community.cisco.com/t5/network-security/telnet-and-http-server-for-ipsec-clients/m-p/1550059#M657707 Panos Kampanakis 2010-09-29T18:13:01Z https://community.cisco.com/t5/network-security/telnet-and-http-server-for-ipsec-clients/m-p/1550060#M657770 <HTML><HEAD></HEAD><BODY><P>When I connect with ASDM, I do get the warning about security certificate, "do you want to trust this publisher?", but when I click yes it cant connect.</P><P>Telnet behaves pretty much the exact same way, it does connect but the session is immediately resetted - so the telnet windows flashes quickly which is NOT the case if the port is not open for me.</P></BODY></HTML> Thu, 30 Sep 2010 12:38:02 GMT https://community.cisco.com/t5/network-security/telnet-and-http-server-for-ipsec-clients/m-p/1550060#M657770 3moloz123 2010-09-30T12:38:02Z https://community.cisco.com/t5/network-security/telnet-and-http-server-for-ipsec-clients/m-p/1550061#M657804 <HTML><HEAD></HEAD><BODY><P>I would suggest using the "debug http" to see what the ASA reports when you try ASDM.</P><P></P><P>PK</P></BODY></HTML> Thu, 30 Sep 2010 13:12:55 GMT https://community.cisco.com/t5/network-security/telnet-and-http-server-for-ipsec-clients/m-p/1550061#M657804 Panos Kampanakis 2010-09-30T13:12:55Z https://community.cisco.com/t5/network-security/telnet-and-http-server-for-ipsec-clients/m-p/1550062#M657846 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>it has been a while. Here's output of 'debug http 255':</P><P></P><P>HTTP: processing ASDM request [/admin/version.prop] (aware_webvpn_conf.re2c:414)<BR />HTTP: Do not check session. Reasons: not required=[0], no AAA=[1], IPv6=[0]<BR />HTTP: processing ASDM request [/admin/version.prop] (aware_webvpn_conf.re2c:414)<BR />HTTP: Do not check session. Reasons: not required=[0], no AAA=[1], IPv6=[0]<BR />HTTP: processing ASDM request [/idm/idm.jnlp/] (aware_webvpn_conf.re2c:414)<BR />HTTP: Do not check session. Reasons: not required=[0], no AAA=[1], IPv6=[0]<BR />HTTP: processing ASDM request [/idm/idm.jnlp/] (aware_webvpn_conf.re2c:414)<BR />HTTP: Do not check session. Reasons: not required=[0], no AAA=[1], IPv6=[0]</P><P></P><P>The user is level 15</P><P></P><P></P><P></P><P>Sorry, it works now. Was http server that listened on wrong interface <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P></BODY></HTML> Wed, 27 Oct 2010 11:29:00 GMT https://community.cisco.com/t5/network-security/telnet-and-http-server-for-ipsec-clients/m-p/1550062#M657846 3moloz123 2010-10-27T11:29:00Z