Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
971
Views
0
Helpful
3
Replies

Manage ASA from remote

battanc
Level 1
Level 1

‎01-28-2014 02:12 AM - edited ‎02-21-2020 05:05 AM

I have been asked to manage a set of ASA that I reach "via Internet" through their public IP.

I am behind a dynamic NAT, so the ASAs does not see me directly.

How can I transfer files from my PC to the ASAs for updates?

TFTP does not work, because the ASA don't see the PC directly.

And the ASAs don't have the ASDM installed ...

Best regards

Claudio

0 Helpful
3 Replies 3

David Nehoda
Level 1
Level 1

‎01-28-2014 04:35 AM

Version of code?  I guess either way you could twice nat...but going out you should be fine, you would an external ip natd to your inside host, but you do not want to tftp over the internet....scp or sftp.

0 Helpful

battanc
Level 1
Level 1
In response to David Nehoda

‎01-28-2014 04:57 AM

Several versions, from 7.0.8 to 8.4.2, someone already with ASDM (and here is it easy to upgrade).

I know that the best solution is to NAT / PAT my PC, but I can not make any changes to the firewall where I am connected.

Can I do SCP or SFTP to the ASA, to directly send the file ?

If YES, what should I config on the ASA to accept this connections ?

Thank's,

Claudio

0 Helpful

David Nehoda
Level 1
Level 1
In response to battanc

‎01-28-2014 06:28 AM

If you cannot make a config change on the ASA you are behind then you are stuck. 

you either a need a one-to-one NAT inside-outside for your machine only on port 22, your inside ACl and your outside would need to allow that traffic.   

Cant get you much furhter sorry.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card