cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
422
Views
0
Helpful
1
Replies

Cisco ASA Management

sumeshkmr
Level 1
Level 1

                   Hi

The query i have, Is there any way to get management access to inside or management interface of ASA over Outside interface.  for example, if the there is head office and remote office connectivity over MPLS and the MPLS Ip is not routed across the office network.

1 Reply 1

Jouni Forss
VIP Alumni
VIP Alumni

Hi,

Are you saying that some remote office needs possibility to manage the local ASA?

Are they connecting through VPN through the "outside" interface of the local ASA or are they connecting through Internet without any encryption?

You dont need to configure management to only be for "inside" or "management" interface.

You can also configure the same rules for "outside" interface provided you configure the address ranges permitted to manage the device securely (address ranges not too wide)

for example

ssh x.x.x.x y.y.y.y outside

http x.x.x.x y.y.y.y outside (for ASDM)

For telnet you will need to the connection to come through a VPN connection as telnet management doesnt have its own encryption. I guess playing around with security-levels on the ASA might change this but I don't recomend it.

- Jouni

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: