Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
850
Views
0
Helpful
3
Replies

can you please help figure out why I cannot telnet, ssh or asmd into an asa 5505 using its private IP address? I do have a successful remote access vpn established?

danpenforreal
Level 1
Level 1

‎01-07-2011 08:54 PM - edited ‎03-11-2019 12:32 PM

can you please help me figure out why I cannot telnet, ssh or asmd into an asa 5505 using its private ip address? I do have a successful remote access vpn established. I am attaching the running config.

I can definitely asdm into it via its public ip address.  I can manage the asa using its public ip address 192.168.1.1.  My local pc has the private ip, but i and I get confuse when pinging the asa. who is responding to the ping, my local pc or the asa? am told this ip overlapping is ok.  my Local pc is also. getting an assigned vpnremotepool ip address of 192.168.3.129.

didn't realize asdm 5.0 was so buggy with as 7.2 !!! or maybe something is missing in the confiuguration........Please help.

Labels:
0 Helpful
3 Replies 3

Federico Coto Fajardo
VIP Alumni
VIP Alumni

‎01-08-2011 08:45 AM

Hi Daniel,

You should be able to manage the ASA either locally or via a VPN connection to the private IP.

In order to do this, the ASA should be configured to allow the management connections from the IP address that you're coming from.

ie.

http 1.1.1.0 255.255.255.0 inside

ssh 1.1.1.0 255.255.255.0 inside

Assuming the VPN client pool is 1.1.1.0/24, then the above commands allow the VPN clients to connect via HTTP/SSH to the ASA.

You are required to have the HTTP server enabled and the keys generated for SSH as well.

The command to allow access to the private IP of the ASA through a VPN tunnel is ''management-access inside''

The public IP 192.168.1.1 that you mentioned is a private IP.

Federico.

0 Helpful

cadet alain
VIP Alumni
VIP Alumni
In response to Federico Coto Fajardo

‎01-08-2011 09:13 AM

Hi,

didn't realize asdm 5.0 was so buggy with as 7.2 !!! or maybe something is missing in the confiuguration........Please help.

How can we say if you don't post it!

giving same ip address to 2 devices is really not a good design, I suppose it is ip add of management interface of ASA?

Regards.

Alain.

Don't forget to rate helpful posts.
0 Helpful

Kureli Sankar
Cisco Employee
Cisco Employee
In response to cadet alain

‎01-08-2011 01:41 PM

Let us first make sure the ASA is manageable from a host on the inside before we can try it from a host via VPN.

Follow this doc and run through the steps: https://supportforums.cisco.com/docs/DOC-13012

-KS

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card