Hi all,
In order to manage a PIX through a VPN I have enabled the inside interface as a "management interface". This way I could ping the PIX from the remote network, whereas before I couldn't. Now I'm trying to manage it via Telnet, HTTPS and SSH, but even though I allowed the interesting traffic for the management on the outside (the VPN is terminated there), I'm still seeing the PIX reporting to me that the access to the management interface is denied by the ACL applied on the outside. Actually, I see the ASDM logs reporting the traffic from the remote PC directed to the inside interface as blocked. The error is 710003, the classic one for traffic blocked by an ACL. I allowed the management from the remote LAN on the inside interface. Can you confirm that it is correct to activate the inside interface to manage the PIX remotely over a VPN? May I also use the TFTP protocol to save the configuration to a server located at the remote end of a VPN tunnel? Where am I wrong? PIX 7.0.2
Alex.