Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
664
Views
0
Helpful
3
Replies

cant manage asa from remote location

Go to solution
gmtimmons
Level 1
Level 1

‎12-30-2009 08:30 AM - edited ‎03-11-2019 09:52 AM

have l2l vpn connection with remote location.  They have asa 5505 we have asa 5520 as firewall/vpn devices.  I can communicate with EVERYTHING at the remote location except the 10.244.12.1 (asa inside interface) from headquarters.  I can remote to a pc at that location and manage it fine, but need to be able to do it from HQ.    config is attached.  thanks for any advice.

Labels:
37374-cisco forum.txt.zip
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee

‎12-30-2009 08:47 AM

Could you remove this line

management-access mgmt

and add this one?

management-access inside

Also, you are only allowing ssh to the mgmt interface. Make sure to allow that to the inside interface as well.

-KS

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee

‎12-30-2009 08:47 AM

Could you remove this line

management-access mgmt

and add this one?

management-access inside

Also, you are only allowing ssh to the mgmt interface. Make sure to allow that to the inside interface as well.

-KS

0 Helpful

Go to solution
gmtimmons
Level 1
Level 1

‎12-30-2009 08:58 AM

Thank you,   The management-access mgmt line wasnt in there to remove,  so I simply added the management-access inside.....that did the trick... I have been banging my head against the wall.....I knew it would be something simple.  thanks again

0 Helpful

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee
In response to gmtimmons

‎12-30-2009 09:05 AM

Glad to hear.  Thanks for rating.

I thought I saw the line in the config. May be I looked at some other config.

If it is not there then yes, you just simply add that line.

-KS

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card