Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
430
Views
0
Helpful
1
Replies

Cisco ASA Management

sumeshkmr
Level 1
Level 1

‎11-20-2012 11:18 PM - edited ‎03-11-2019 05:25 PM

                   Hi

The query i have, Is there any way to get management access to inside or management interface of ASA over Outside interface.  for example, if the there is head office and remote office connectivity over MPLS and the MPLS Ip is not routed across the office network.

Labels:
0 Helpful
1 Reply 1

Jouni Forss
VIP Alumni
VIP Alumni

‎11-21-2012 01:01 AM

Hi,

Are you saying that some remote office needs possibility to manage the local ASA?

Are they connecting through VPN through the "outside" interface of the local ASA or are they connecting through Internet without any encryption?

You dont need to configure management to only be for "inside" or "management" interface.

You can also configure the same rules for "outside" interface provided you configure the address ranges permitted to manage the device securely (address ranges not too wide)

for example

ssh x.x.x.x y.y.y.y outside

http x.x.x.x y.y.y.y outside (for ASDM)

For telnet you will need to the connection to come through a VPN connection as telnet management doesnt have its own encryption. I guess playing around with security-levels on the ASA might change this but I don't recomend it.

- Jouni

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card