We have a Cisco ASA 5510 and a 5520 and a site-to-site VPN between them to connect two company networks. The inside interface is configured as the management interface. I can connect via SSH/HTTPS to the inside interface when I come from the local network but not when I come through the VPN tunnel.
How can one configure the ASA to allow management access through VPN? I don't want to bind it to the outside interface because then everybody from the Internet can access the firewall.
Using the separate management port for this does not work for us because
- the Allied Telesyn Switch on the other side cannot do VLAN routing
- the ASDM forbids adding two routes to the same subnet on two interfaces to two separate gateways.
- the ASDM does not allow the inside and management interfaces to be on the same subnet.
Thanks in advance for help.