06-02-2011 10:02 AM
I have a working site2site between 2 ASA5520 8.2(3)
I want side A to be able telnet\ssh to side B's ASA
using the telnet command would do it or should I also add an access-list?
06-02-2011 10:34 AM
Hi,
ASA-A---------------L2L----------------------ASA-B
| |
X.X.X.X Y.Y.Y.Y
side B:
telnet X.X.X.X Z.Z.Z.Z inside >>> Z.Z.Z.Z is the subnet mask.
manegement-access inside
Regards,
06-02-2011 10:43 AM
this should be on side B? I would assume on A as you have to open access to A from B
06-02-2011 10:47 AM
Yes that was for side B. That's all you need as you said the tunnel was already working between both ASAs therefore the communication should be good at this point. From hosts behind A, are you able to ping the inside interface of ASA-B?
Regards,
06-02-2011 10:55 AM
to make sure we're on the same page
all hosts behind A can access ASA_A - both ping and telnet
all hosts behind B can access ASA_A by ping but NOT telnet
I need hosts behind B to access ASA_A using telnet
06-02-2011 11:04 AM
On the first post it says: "I want side A to be able telnet\ssh to side B's ASA"
On your last post it says: "I need hosts behind B to access ASA_A using telnet"
It doesn't matter, after all is the same thing for both; you said "all hosts behind B can access ASA_A by ping but NOT telnet" that means that the management-access command is aready in place for ASA_A. Could you post the "sh run telnet" from ASA_A? it has to include the hosts behind ASA_B
06-02-2011 11:19 AM
telnet X.X.X.0 255.255.255.0 mgmt
telnet Y.Y.Y.0 255.255.255.0 mgmt
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide