cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

1102
Views
0
Helpful
3
Replies
rob.hicks1
Beginner

SSH/SNMP to ASA inside interface from the outside

Hi,

I have a requirement to allow SSH & SNMP access to the inside interface of an ASA Firewall context. The issue is that the traffic is being source from the outside and therefore hits the outside interface first. 

Is there a way to target the inside interface address of the ASA even when the management traffic is coming in via the outside interface?
Many thanks
Rob

1 ACCEPTED SOLUTION

Accepted Solutions
Marvin Rhoads
Hall of Fame Guru

You cannot do that unless it's coming in via VPN.

 

One alternative is to use a jumpbox or proxy host / relay.

View solution in original post

3 REPLIES 3
Marvin Rhoads
Hall of Fame Guru

You cannot do that unless it's coming in via VPN.

 

One alternative is to use a jumpbox or proxy host / relay.

View solution in original post

Thanks for the reply Marvin.  Looks like i need to think of a plan B :)


@Marvin Rhoads wrote:

You cannot do that unless it's coming in via VPN.


Can you elaborate on "coming via VPN"?

 

I have a management server that is located in HQ trying to access a branch ASA on its inside interface. Both HQ and branch are connected using ipsec VPN would that setup not work?

 

The reason I want to use the inside is because we have two IPSec tunnels to the same branch ASA so the idea was to be able to reach the branch ASA via either IPSec tunnel. 

 

 

Content for Community-Ad