05-21-2012 12:57 PM
Hello again
I configured ASA 5510 management through the inside interface. When I am in the office connected to the LAN I have no problem running ASDM. However, when I'm outside the office and I connect through the Cisco SSL VPN Service I can't manage the ASA5510 even though I can access all the shared resources on the network.
When I attempt to run ASDM when connected via VPN I get the error message.. "Unable to launch device manager from x.x.x.x" (inside address of the ASA5510).
How dangerous would it be if I just activated management via the Outside interface?
Ed
Solved! Go to Solution.
05-25-2012 09:58 AM
I would like to take a moment to thank everyone for their help in solving this problem. It turns out that most (if not all) the answers provided by the folks who responded to my problem were correct. Each response addressed the issue in an appropriate manner and had I been more knowledgeable about Cisco VPN's, the information provided by everyone would have been sufficient for me to have solved the problem.
On the chance that others might benefit from my experience with this problem, I thought it might be worthwhile to explain in a little more detail what it was that finally solved my problem. The missing piece of information... (which I found in a Cisco step-by-step VPN setup procedure)... was to create what is called an "Exempt Route". The step-by-step procedure stated that the VPN address pool and the inside address pool should be different. The fact that they are different requires that a Route exists between the two networks. When I had originally created the route I mistakenly created a "Static Route". This was an error... the route must be an "Exempt Route". As soon as I created the Exempt Route everything began to work.
Thanks again to all.
Ed
06-06-2012 02:36 PM
If there is any more clarification on this matter.
I'm confused on this also. I have a twice nat rule applied that allows me to access the inside network, can ping the inside interface, and can access the inside http web page but I still get the "Unable to launch the device manager from IP"
Since the Exempt route is already created and all other access works...is there another specific command that needs to be input in order for the asdm to respond to the VPN address space?
I have
ojbect network Inside
network 192.168.1.0/24
object network VPN
network 192.168.3.0/24
nat (inside,outside) source static Inside Inside destination static VPN VPN
Everything works BUT ASDM, was there another set of commands requiring NAT for the ASA Inside interface?
iOS 8.4(1)
08-21-2015 01:47 AM
Yes... I had the same problem...
managment-access inside
works
06-05-2018 02:53 AM
Me too, even with managment-access inside
After software upgrade the login was not possible anymore.
I removed the management-access from config and reconfigured it. That fixed it.
08-07-2018 12:43 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide