Cisco ASA, VPN and firewall management


We have a Cisco ASA 5510 and a 5520 and a site-to-site VPN between them to connect two company networks. The inside interface is configured as the management interface. I can connect via ssh/https to the inside interface when I come from the local network but not when I come through the VPN tunnel.

How can one configure the ASA to allow management access through VPN? I don't want to bind it to the outside interface because then everybody from the Internet can access the firewall.

Using the separate management port for this does not work for us because

- the Allied Telesyn Switch on the other side cannot do VLAN routing

- the ASDM forbids adding two routes to the same subnet on two interfaces to two separate gateways.

- the ASDM does not allow the inside and management interface to be on the same subnet.

Thanks in advance for help.

Regards, Bernd

Bernd Nies

By adding the command

management-access inside



Thanks. I already had that option - just forgot to add the interface network to the network object group on the remote side.

Bye, Bernd

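The two pieces discussed in this thread, put together as an added configuration example that is not taken from any of the posts: `management-access inside` on the managed ASA, and the inside interface network included in the remote side's network object group. All addresses, object-group names and ACL names are constructed for illustration.

```cisco
! === ASA being managed (site A) ===
! Constructed addressing: site A inside = 10.1.0.0/24, site B inside = 10.2.0.0/24

! Let traffic arriving through the VPN tunnel reach the inside interface itself
management-access inside

! Permit SSH and ASDM/HTTPS only from the remote site's inside network.
! Nothing is bound to the outside interface.
ssh 10.2.0.0 255.255.255.0 inside
http server enable
http 10.2.0.0 255.255.255.0 inside

! Networks protected by the tunnel (hypothetical group and ACL names)
object-group network SITE_A_NETS
 network-object 10.1.0.0 255.255.255.0
object-group network SITE_B_NETS
 network-object 10.2.0.0 255.255.255.0
access-list VPN_TO_B extended permit ip object-group SITE_A_NETS object-group SITE_B_NETS

! === Remote ASA (site B) ===
! The group describing site A must contain the network of site A's inside
! interface. If it is missing, management traffic to that interface address
! does not match the crypto ACL and never enters the tunnel.
object-group network SITE_A_NETS
 network-object 10.1.0.0 255.255.255.0
object-group network SITE_B_NETS
 network-object 10.2.0.0 255.255.255.0
access-list VPN_TO_A extended permit ip object-group SITE_B_NETS object-group SITE_A_NETS
```

Restricting the `ssh` and `http` statements to the remote inside network keeps management reachable only from the local LAN and the tunnel, which addresses the concern in the question about exposing the firewall on the outside interface.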