09-04-2015 01:37 PM - edited 03-11-2019 11:33 PM
Hey Guys,
Here is what I am trying to do. I have multiple 5506s deployed with FirePOWER. If I connect through ASDM using the public interface of the firewall, it cannot communicate with the FirePOWER module. However, if I VPN in using AnyConnect and connect to ASDM using the public interface, it can communicate with the FirePOWER module. My AnyConnect is using a split tunnel too, btw, so I am not sure why this matters from the firewall's perspective.
Inside interface on ASA is 192.168.4.1
SFR module is 192.168.4.2, gateway 192.168.4.1
I am attempting this without any layer 3 switches behind the firewall. Can this be done?
Chris
09-04-2015 02:10 PM
The ASDM on your PC sets up two connections. One to the ASA and one to the FirePower-module. Without the VPN, you can reach the public IP of the ASA, but the (internal) IP of the SFR module is not reachable. With the VPN, ASDM can reach the IP of the module and you can start managing it.
09-04-2015 06:22 PM
Ok. Thanks for clearing that up. Makes sense. Not quite as convenient as I want but I can deal with it.