• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 332
  • Last Modified:

site-to-site vpn management

I currently have a site-to-site vpn configured with our main office and a remote office.  Behind the main office is a syslog/snmp server.  the remote office asa only has two interface, "outside" and "inside" inteface.  

The main office (internal subnet) can ssh to the remote office's "outside" interface.  With this connectivity, i can use cat tools to back up the config,  

Here's where my issue lies.  I CANNOT ssh nor ping the "inside" interface of the remote office's ASA from the main office's internal subnet.
I would like to send syslog/snmp-traps from the remote ASA to the syslog/snmp server located behind the main office using the inside interface of this remote ASA.  There are no ACL denies, NAT issues that is obvious from the ASA monitor.  Note that it's the same thing that's happening from remote office's to the main office's inside interface; i cannot ping it nor ssh to it.  

Anyone seen this kind of issue with a site-to-site VPN established using two ASA's?
I will attach some configs for better understanding.

1 Solution
Try the command "management-access inside". Then make sure your ssh statements allow for the main office's internal subnet to the inside interface of the device.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

We Need Your Input!

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now