cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1501
Views
0
Helpful
3
Replies

SSH/SNMP to ASA inside interface from the outside

rob.hicks1
Beginner
Beginner

Hi,

I have a requirement to allow SSH & SNMP access to the inside interface of an ASA Firewall context. The issue is that the traffic is being source from the outside and therefore hits the outside interface first. 

Is there a way to target the inside interface address of the ASA even when the management traffic is coming in via the outside interface?
Many thanks
Rob

1 Accepted Solution

Accepted Solutions

Marvin Rhoads
VIP Community Legend VIP Community Legend
VIP Community Legend

You cannot do that unless it's coming in via VPN.

 

One alternative is to use a jumpbox or proxy host / relay.

View solution in original post

3 Replies 3

Marvin Rhoads
VIP Community Legend VIP Community Legend
VIP Community Legend

You cannot do that unless it's coming in via VPN.

 

One alternative is to use a jumpbox or proxy host / relay.

Thanks for the reply Marvin.  Looks like i need to think of a plan B :)


@Marvin Rhoads wrote:

You cannot do that unless it's coming in via VPN.


Can you elaborate on "coming via VPN"?

 

I have a management server that is located in HQ trying to access a branch ASA on its inside interface. Both HQ and branch are connected using ipsec VPN would that setup not work?

 

The reason I want to use the inside is because we have two IPSec tunnels to the same branch ASA so the idea was to be able to reach the branch ASA via either IPSec tunnel. 

 

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers