Making an ASA TFTP backup through VPN
Solution 1:
Assuming you're using the 'copy' command on the ASA to initiate the transfer, it should be possible to specify the interface that you want the tftp client (ASA2) to use the IP of (in this case, originating from the 'inside' interface so that it matches the relevant ACLs.)
Have a look at syntax: http://www.cisco.com/en/US/docs/security/asa/asa70/command/reference/c.html#wp1970383
its likely you'll need to issue command as: ASA2#copy running-config tftp://[user[:password]@]server[:port]/[path/]filename[;int=interface_name]
Solution 2:
I think you need to issue this command:
management-access inside
Solution 3:
I'm guessing my IOS doesn't support setting the interface name as an additional tftp parameter:
copy running-config tftp://[user[:password]@]server[:port]/[path/]filename[;int=interface_name]
but I did get it to work by setting the system default tftp server:
tftp-server inside [server] /[filename]
write tftp