Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
591
Views
2
Helpful
5
Replies

Cisco ASA VPN - Management Access

Go to solution
beejrteek
Level 1
Level 1

‎06-22-2023 04:58 AM

Hello Everyone!

I have a strange problem. I configured RA VPN (SSL) on my Cisco ASA 5506, everything works fine except management access to my ASA........

I have configured this commnad:

management-access lab

ssh 0.0.0.0 0.0.0.0 lab

nat (lab,outside) source static any any destination static VPN-Network_Obj VPN-Network_Obj no-proxy-arp route-lookup

 

But I can't still log in to my ASA...

Any idea ? 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
beejrteek
Level 1
Level 1

‎07-10-2023 12:25 PM

MHM Cisco World,

Sorry but management vpn tunn has another function and this is not a solution.

It was a bug in version 9.8.4(32) - after upgrade to 9.16 - configuration:

management-access lab

ssh 0.0.0.0 0.0.0.0 lab

nat (lab,outside) source static any any destination static VPN-Network_Obj VPN-Network_Obj no-proxy-arp route-lookup

Working good

 

View solution in original post

5 Replies 5

Go to solution
MHM Cisco World
VIP
VIP

‎06-22-2023 05:04 AM - edited ‎06-24-2023 06:08 AM

check below

0 Helpful

Go to solution
beejrteek
Level 1
Level 1
In response to MHM Cisco World

‎06-22-2023 05:48 AM - edited ‎06-22-2023 05:50 AM

I only add this for testing purpose because it is dangerous, but still not working

To be precision: I always try to connect to LAB interface which has this IP: 10.10.10.1

Go to solution
MHM Cisco World
VIP
VIP
In response to beejrteek

‎06-24-2023 06:07 AM

sorry for late reply,
https://www.cisco.com/c/en/us/support/docs/security/adaptive-security-appliance-asa-software/215442-configure-anyconnect-management-vpn-tunn.html

this steps use to access ASA via anyconnect, 
so it better to config group-policy for specific anyconnect which have a privilege admin to access ASA

0 Helpful

Go to solution
beejrteek
Level 1
Level 1

‎07-10-2023 12:25 PM

MHM Cisco World,

Sorry but management vpn tunn has another function and this is not a solution.

It was a bug in version 9.8.4(32) - after upgrade to 9.16 - configuration:

management-access lab

ssh 0.0.0.0 0.0.0.0 lab

nat (lab,outside) source static any any destination static VPN-Network_Obj VPN-Network_Obj no-proxy-arp route-lookup

Working good

 

Go to solution
MHM Cisco World
VIP
VIP
In response to beejrteek

‎07-10-2023 12:31 PM

ssh 0.0.0.0 0.0.0.0 lab <<- I suggest this before you mention it dangerous.
anyway 
glad your issue solve 
 really appreciate you to update me 
have a nice day 
MHM

0 Helpful
Customers Also Viewed These Support Documents