Cisco ASA 5505 Configuration Manual page 682

Asa 5500 series
Hide thumbs Also See for ASA 5505:
Table of Contents

Advertisement

Configuring a Management Interface for Management on a Different Interface from the VPN Tunnel Termination
Click OK.
Step 8
The dialog box closes.
(Optional) To set ICMP unreachable message limits, set the following options. Increasing the rate limit,
Step 9
along with enabling the "Decrement time to live for a connection" option on the Configuration > Firewall
> Service Policy Rules > Rule Actions > Connection Settings dialog box, is required to allow a traceroute
through the adaptive security appliance that shows the adaptive security appliance as one of the hops.
Click Apply.
Step 10
Configuring a Management Interface for Management on a
Different Interface from the VPN Tunnel Termination Interface
If your IPSec VPN tunnel terminates on one interface, but you want to manage the adaptive security
appliance by accessing a different interface, you can identify that interface as a management-access
interface. For example, if you enter the adaptive security appliance from the outside interface, this
feature lets you connect to the inside interface using Telnet; or you can ping the inside interface when
entering from the outside interface.
Restrictions
You can define only one management-access interface.
Detailed Steps
From the Configuration > Device Management > Management Access > Management Interface pane,
Step 1
choose the interface with the highest security (the inside interface) from the Management Access Interface
drop-down list.
Step 2
Click Apply.
The management interface is assigned and the change is saved to the running configuration.
Configuring AAA for System Administrators
This section describes how to enable authentication and command authorization for system
administrators. Before you configure AAA for system administrators, first configure the local database
or AAA server according to
This section includes the following topics:
Cisco ASA 5500 Series Configuration Guide using ASDM
32-10
Rate Limit—Sets the rate limit of unreachable messages, between 1 and 100 messages per second.
The default is 1 message per second.
Burst Size—Sets the burst rate, between 1 and 10. This keyword is not currently used by the system,
so you can choose any value.
Chapter 31, "AAA Server and Local Database Support."
Configuring Authentication for CLI, ASDM, and enable command Access, page 32-11
Chapter 32
Configuring Management Access
OL-20339-01

Hide quick links:

Advertisement

Table of Contents
loading

This manual is also suitable for:

Asa 5510Asa 5540Asa 5520Asa 5550Asa 5580

Table of Contents