L2L VPN: Telnet or SSH Access problems with ACS server on Outside Interface

Discussion in 'Cisco' started by Lowell Yates, Mar 2, 2009.

  1. Lowell Yates

    Let me explain my setup.

    I have small remote offices using ASA 5505s. They all tunnel back to an ASA 5540 headend which gives the users access to the corporate network. This corporate LAN is where the ACS server is located. No problems with any user access ... life is good.

    The problem I have is that I need to administer the remote ASAs remotely over the tunnel. I don't want to use local modems connected to the console port.

    When using the console port locally to access the 5505 config, I can't ping anything on the corporate network. I can ping from a host PC, so the tunnel is good. It looks obvious I don't have a route when pinging from the CLI; it looks like I'm not getting on the tunnel from inside the ASA using the CLI.

    The following is a stripped down version of the aaa commands but I'm not getting a route to begin with.

    Question. How can I get a route back to the corporate network over the tunnel so I can get TACACS to authenticate telnet or ssh and administer the remote ASA?


    aaa-server TACACS_SERVER protocol tacacs
    aaa-server TACACS_SERVER host 10.1.1.1
     timeout 20
     key fakesuperduperpassword

    aaa authentication telnet console TACACS_SERVER LOCAL
    aaa authentication ssh console TACACS_SERVER LOCAL

    ssh 10.x.x.x 255.255.255.255 outside
    telnet 10.x.x.x 255.255.0.0 outside

    Thanks VERY much!
     
    Lowell Yates, Mar 2, 2009