Cisco Systems ASA 5510 Network Router User Manual


  Open as PDF
of 2086
 
40-14
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 40 Configuring Management Access
Configuring Management Access Over a VPN Tunnel
Configuring Management Access Over a VPN Tunnel
If your VPN tunnel terminates on one interface, but you want to manage the ASA by accessing a different
interface, you can identify that interface as a management-access interface. For example, if you enter the
ASA from the outside interface, this feature lets you connect to the inside interface using ASDM, SSH,
Telnet, or SNMP; or you can ping the inside interface when entering from the outside interface.
Management access is available via the following VPN tunnel types: IPsec clients, IPsec site-to-site, and
the AnyConnect SSL VPN client.
This section includes the following topics:
Licensing Requirements for a Management Interface, page 40-14
Guidelines and Limitations, page 40-14
Configuring a Management Interface, page 40-14
Licensing Requirements for a Management Interface
The following table shows the licensing requirements for this feature:
Guidelines and Limitations
This section includes the guidelines and limitations for this feature.
Context Mode Guidelines
Supported in single mode.
Firewall Mode Guidelines
Supported in routed mode.
IPv6 Guidelines
Supports IPv6.
Additional Guidelines
You can define only one management access interface.
Configuring a Management Interface
To configure the management interface, perform the following steps:
Step 1 From the Configuration > Device Management > Management Access > Management Interface pane,
choose the interface with the highest security (the inside interface) from the Management Access Interface
drop-down list.
Step 2 Click Apply.
Model License Requirement
All models Base License.