07-02-2007 08:44 AM - edited 02-21-2020 01:35 AM
Hi,
I have Cisco Security Manager (CSM).
I have 2 boxes ASA. IPSec L2L tunnel is created between ASAs (between outside interfaces)
Cisco Security Manager is connected to first ASA. First ASA is managed by Cisco Security Manager, it is OK. But I have problem to get second ASA (ASA on end of IPSec tunnel) to CSM. CSM do not communicate with IP address on outside interface - on this IP address is ended IPSec tunnel and CSM does not communicate with other interfaces of ASA too.
Is It possible to communicate from CSM to ASA box over IPSec tunnel when IPSec tunnel is ended on this ASA box?
Thanks
Peter
07-02-2007 09:19 AM
For that traffic to cross the tunnel, the traffic must be defined in your crypto and nat exemption acl's.
Local ASA
access-list
access-list
Remote ASA
access-list
07-02-2007 09:25 AM
Traffic is included in tunnel, there is no problem.
My question is:
On which interface of remote ASA will connect CSM?
Peter
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide