Solved

site-to-site vpn management

Posted on 2013-12-03
1
316 Views
Last Modified: 2013-12-03
I currently have a site-to-site vpn configured with our main office and a remote office.  Behind the main office is a syslog/snmp server.  the remote office asa only has two interface, "outside" and "inside" inteface.  

The main office (internal subnet) can ssh to the remote office's "outside" interface.  With this connectivity, i can use cat tools to back up the config,  

Here's where my issue lies.  I CANNOT ssh nor ping the "inside" interface of the remote office's ASA from the main office's internal subnet.
I would like to send syslog/snmp-traps from the remote ASA to the syslog/snmp server located behind the main office using the inside interface of this remote ASA.  There are no ACL denies, NAT issues that is obvious from the ASA monitor.  Note that it's the same thing that's happening from remote office's to the main office's inside interface; i cannot ping it nor ssh to it.  

Anyone seen this kind of issue with a site-to-site VPN established using two ASA's?
I will attach some configs for better understanding.

Thanks
0
Comment
Question by:FREDARCE
1 Comment
 
LVL 2

Accepted Solution

by:
showard2007 earned 250 total points
ID: 39694019
Try the command "management-access inside". Then make sure your ssh statements allow for the main office's internal subnet to the inside interface of the device.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
increase internet speed 3 83
Business Broadband for Small Office in Dubai 2 67
Backup UPS - email alert 3 116
New VoIP phone system - what networking changes should be made 4 94
Optimal Xbox 360 connectivity requires "OPEN NAT". If you use Juniper Netscreen or SSG firewall products in a home setting, the following steps will allow you get rid of the dreaded warning screen below and achieve the best online gaming environment…
Before I go to far, let's explain HA (High Availability) and why you should consider it.  High availability is the mechanism used to provide redundancy to any service at the same site and appears as a single service to the users of that service.  As…
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
Learn how to create flexible layouts using relative units in CSS.  New relative units added in CSS3 include vw(viewports width), vh(viewports height), vmin(minimum of viewports height and width), and vmax (maximum of viewports height and width).

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

26 Experts available now in Live!

Get 1:1 Help Now