Solved

Configure Remote access to ASA 5505 from outside

Posted on 2014-07-26
9
324 Views
Last Modified: 2014-08-24
I want to be able to create a policy that allows me to access my home ASA from the outside. I have a static address. Is there a way to set it up so that I can navigate to the ip address followed by the port number?

I would like to do it via ASDM if possible.

Thanks
0
Comment
Question by:vmagan
9 Comments
 
LVL 23

Expert Comment

by:Thomas Grassi
ID: 40221785
What type of acces. Ssh Telnet VPN .?

Post your config
0
 
LVL 6

Author Comment

by:vmagan
ID: 40221855
I want https access
0
 
LVL 6

Assisted Solution

by:Matt
Matt earned 250 total points
ID: 40222367
What would you like to do with https access?

Normally, https is used on ASA to access VPN using CISCO AnyConnect (SSL VPN)...and if you have only one IP address, you will not be able to publish your service on SSL port except if you will listen on non-default port...

One IP with SSL = SSL VPN access
0
 
LVL 23

Accepted Solution

by:
Thomas Grassi earned 250 total points
ID: 40222409
Post you current running config so we can take a look

I again will ask what are you trying to do?

If you need to just access the asa5505 to configure it remotely then you just need ssl or telnet setup.

As Matt said above HTTPS is used for VPN using anyconnect

You do not need anyconnect you can set up PPTP VPN which from a Windows 7 or 8 just setup the standard VPN connection and it works .

Once you are connected using VPN then you can Telnet SSH even use ASDM

Post the config
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 57

Expert Comment

by:Pete Long
ID: 40222706
Mmm, the problem with allowing HTTPS access to the ASDM ot via telnet, is how do you know what IP address you will be accessing it from?

Connecting to and Managing Cisco Firewalls

A Better approach would be to setup AnyConnect, then allow management to the the remote subnet and ad a 'management access inside' command to the config.

Regards,

Pete
0
 
LVL 6

Author Comment

by:vmagan
ID: 40222811
I'll post config when I get back. I already have vpn setup but wanted to by pass vpn and connect directly to my firewall so that I can manage it remotely.
0
 
LVL 23

Expert Comment

by:Thomas Grassi
ID: 40222884
You really do not want to do that if you do that you leave your router wide open to attacks

VPN is the best and most secure method of connecting to your network.

Exposure like your are asking for is not good practice.

Still would like to see your config when you can post it
0
 
LVL 1

Expert Comment

by:mcammidge
ID: 40225380
If you have a static IP at the remote location (I.e. where you would be connecting from) this is easy enough to do by running the following command

http server <your-static-ip> <your-net-mask> outside

(this assumes other HTTP commands are already present) and "outside" is the named interface for your WAN interface.

if you are on a dynamic or want access from multiple locations I'd go with the other expert's and trust a VPN.
0
 
LVL 6

Author Closing Comment

by:vmagan
ID: 40281719
Went with the vpn. Thanks
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Optimal Xbox 360 connectivity requires "OPEN NAT". If you use Juniper Netscreen or SSG firewall products in a home setting, the following steps will allow you get rid of the dreaded warning screen below and achieve the best online gaming environment…
Network traffic routing plays key role in your network, if you have single site with heavy browsing or multiple sites, replicating important application data from your Primary Default Gateway ,you have to route your other network traffic from your p…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now