On ASA - If your VPN tunnel terminates on one interface, but you want to manage the ASA by accessing a different interface, you can identify that interface as a management-access interface. For example, if you enter the ASA from the outside interface, this feature lets you connect to the inside interface using ASDM, SSH, Telnet, or SNMP; or you can ping the inside interface when entering from the outside interface. Management access is available via the following VPN tunnel types: IPsec clients, IPsec site-to-site, and the AnyConnect SSL VPN client.
The management_interface specifies the name of the management interface that you want to access when entering the ASA from another interface.
We can use the same command on FTD, which can be deployed via FMC Flex Policy. An enhancement is already in place to introduce this on the FMC UI, https://bst.cloudapps.cisco.com/bugsearch/bug/CSCuz48122