Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1567
Views
0
Helpful
5
Replies

Cannot manage ASA inside interface from Site-to-Site VPN

Go to solution
phatrachit
Level 1
Level 1

‎07-27-2011 03:02 AM

Hi all,

I was deploy new site-to-site between ASA 8.0 (HQ) and ASA 8.4 (Branch). Everything working fine but i have a problem about manage to the remote ASA that i can't manage  ASA branch with Inside interface IP address.

My configuration on Remote ASA

management-access inside

icmp permit any inside

ssh 0.0.0.0 0.0.0.0 inside


snmp-server host INSIDE 10.0.1.101 communitry test-snmp version 2c

My Test

- ping from HQ to inside interface of remote ASA

  • Client show request timeout
  • When debug icmp on remote ASA then ASA show only ICMP request from HQ no reply back from remote ASA

I'm not sure this is bug on ASA 8.4 or not because i can manage another remote ASA which software version 8.0 from HQ

Thank you in advance

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
netadmin
Level 1
Level 1
In response to metricowireless

‎07-27-2011 09:08 AM

Not sure what 8.4 version you are using, but this is broken in 8.4(2), I ran into the same problem post-upgrade. Both SSH and ASDM won't connect to the inside interface across a L2L VPN. It did work in 8.4(1) though.

CSCtr16184

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtr16184

-N@TT

View solution in original post

0 Helpful
5 Replies 5

Go to solution
metricowireless
Level 1
Level 1

‎07-27-2011 07:13 AM

I'm having exactly the same problem.  I just upgraded to 8.4(2) so this is probably a bug in the newest software release.  Looks liek I'm going to have to downgrade to see if that clears up the issue.

0 Helpful

Go to solution
netadmin
Level 1
Level 1
In response to metricowireless

‎07-27-2011 09:08 AM

Not sure what 8.4 version you are using, but this is broken in 8.4(2), I ran into the same problem post-upgrade. Both SSH and ASDM won't connect to the inside interface across a L2L VPN. It did work in 8.4(1) though.

CSCtr16184

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtr16184

-N@TT

0 Helpful

Go to solution
phatrachit
Level 1
Level 1
In response to netadmin

‎07-27-2011 08:49 PM

Thank you N@TT

I was reconfigured this morning and it work for ICMP/SSH/ASDM but SNMP have not work yet

=====================================================================

Configruation

snmp-server host INSIDE 10.0.1.101 communitry test-snmp version 2c

10.0.1.101 is SNMP server from HQ

0 Helpful

Go to solution
phatrachit
Level 1
Level 1
In response to phatrachit

‎07-27-2011 09:19 PM

For other reader

It work for all method > ICM/SSH/ASDM/SNMP

I changed a little bit configuration on SNMP server

0 Helpful

Go to solution
metricowireless
Level 1
Level 1
In response to metricowireless

‎07-28-2011 06:33 AM

Downgrading to 8.4(1) fixed the problem.

0 Helpful
Customers Also Viewed These Support Documents