Naturally if you dont manage the ASA externally from a specific IP address always then this might not be an option if you want to keep the ASA as secure as possible with regards to management connection options. In those cases you could simply add the "http" and "ssh" statements on the ASA to allow the management connections from specific hosts/subnets. You can connect to the external interface IP address of the ASA directly. You can then add a "http" command for the subnet you have just configured as VPN Pool to allow ASDM management connections from that subnet.Īnd I would like to point out that you can use both SSH and ASDM (HTTPS/SSL) to manage the ASA from the external network without using any form of VPN for this. You can set whatever subnet/range as the VPN Pool for the VPN users. I am not sure I follow completely what you mean here.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |