cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

111
Views
0
Helpful
5
Replies
Highlighted
Beginner

Management from outside

Hi.

I have two ASA 5500 series. One used as internet border device, second is used for subdivide internal enterprise network. I connect to enterprise network remotely via first ASA and try to connect to management interface of the second one. When i do it packets reach second ASA's outside interface with lowest  security level and being discarded. Is there any way to reach management interface of the second ASA through outside interface of the second ASA?

5 REPLIES 5
Highlighted
Participant

Hi,


Could you share the show route and subnets in which the interfaces are on both ASA's

so that I can have clear understanding of the routes and suggest further.

looks like we can do this by adjusting the routing.

Thanks,

Ankita

Highlighted
Beginner

I've found answer on my question. 

http://www.cisco.com/c/en/us/td/docs/security/asa/asa96/configuration/general/asa-96-general-config/admin-management.html

SSH access to an interface other than the one from which you entered the ASA is not supported. This is also true for telnet and http.

Thanks to all.

Highlighted
Beginner

Hi, 

Could you share like a small topology using GNS or something else for your network. 

I think this is what you have: 

Internet --------- (outside) ASA1 

                                          | 

                                          |

                                          | 

                                       ASA2 

Highlighted

Internet --------(outside)ASA1(inside1)----------(inside1)ASA2(inside2)

<---VPN--->

I tried to connect from internet to inside2. It doesn't work because i reach ASA2 through inside1. To connect to ASA2 i should use inside1 of ASA2 only.

Highlighted

Hi Asder, 

Yeah that's right and this is how ASA works by design :) 

Content for Community-Ad