10-25-2018 03:16 AM - edited 02-21-2020 08:23 AM
Hi,
I have a requirement to allow SSH & SNMP access to the inside interface of an ASA Firewall context. The issue is that the traffic is being source from the outside and therefore hits the outside interface first.
Is there a way to target the inside interface address of the ASA even when the management traffic is coming in via the outside interface?
Many thanks
Rob
Solved! Go to Solution.
10-25-2018 03:23 AM
You cannot do that unless it's coming in via VPN.
One alternative is to use a jumpbox or proxy host / relay.
10-25-2018 03:23 AM
You cannot do that unless it's coming in via VPN.
One alternative is to use a jumpbox or proxy host / relay.
10-25-2018 06:45 AM
Thanks for the reply Marvin. Looks like i need to think of a plan B :)
02-11-2020 01:54 AM
@Marvin Rhoads wrote:You cannot do that unless it's coming in via VPN.
Can you elaborate on "coming via VPN"?
I have a management server that is located in HQ trying to access a branch ASA on its inside interface. Both HQ and branch are connected using ipsec VPN would that setup not work?
The reason I want to use the inside is because we have two IPSec tunnels to the same branch ASA so the idea was to be able to reach the branch ASA via either IPSec tunnel.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide