I have a requirement to allow SSH & SNMP access to the inside interface of an ASA Firewall context. The issue is that the traffic is being source from the outside and therefore hits the outside interface first.
Is there a way to target the inside interface address of the ASA even when the management traffic is coming in via the outside interface?
Solved! Go to Solution.
@Marvin Rhoads wrote:
You cannot do that unless it's coming in via VPN.
Can you elaborate on "coming via VPN"?
I have a management server that is located in HQ trying to access a branch ASA on its inside interface. Both HQ and branch are connected using ipsec VPN would that setup not work?
The reason I want to use the inside is because we have two IPSec tunnels to the same branch ASA so the idea was to be able to reach the branch ASA via either IPSec tunnel.