Solved: configure ASa 5505 from remote site using ASDM

mawallace · ‎07-06-2010

I would like to be able to administer the ASA 5505 from another site, which is linked via a site to site Ipsec LAN.

How do I enable this feature?

Federico Coto Fajardo · ‎07-06-2010

Hi,

You can administer an ASA remotely by using the public IP (via the Internet), or via the tunnel by reaching the private IP.

You can reach the private IP by enabling the command:

management-access inside

Then you can access the ASA by its private IP via CLI or GUI.

Federico.

Gaston Bougie · ‎07-06-2010

You have to let the asa know from which interface you may manage the asa via vpn.

check out the commando "management-access".

if you want to configure your remote asa on his inside interface, you configure: "management-access inside"

Also check your acl and nat.

Federico Coto Fajardo · ‎07-06-2010

Hi,

You can administer an ASA remotely by using the public IP (via the Internet), or via the tunnel by reaching the private IP.

You can reach the private IP by enabling the command:

management-access inside

Then you can access the ASA by its private IP via CLI or GUI.

Federico.

mawallace · ‎07-06-2010

Right - so that I have it clear in my mind

ASA I want to access at Site A - the "inside" network and ip address is 192.168.30.1

The site from which I am connecting is one the 192.168.1.1

So..

On the ASA I issue the managment-access inside command

and then I simply add the 192.168.1.1 address to the list of sites from which I am allowed to connect? I can then connect via the VPN link?

Federico Coto Fajardo · ‎07-06-2010

Correct.

Assuming the ASA allows the management access from the IP that you're coming from.

Federico.