Making an ASA TFTP backup through VPN

Solution 1:

Assuming you're using the 'copy' command on the ASA to initiate the transfer, it should be possible to specify the interface that you want the tftp client (ASA2) to use the IP of (in this case, originating from the 'inside' interface so that it matches the relevant ACLs.)

Have a look at syntax: http://www.cisco.com/en/US/docs/security/asa/asa70/command/reference/c.html#wp1970383

its likely you'll need to issue command as: ASA2#copy running-config tftp://[user[:password]@]server[:port]/[path/]filename[;int=interface_name]

Solution 2:

I think you need to issue this command:

management-access inside

Solution 3:

I'm guessing my IOS doesn't support setting the interface name as an additional tftp parameter:

copy running-config tftp://[user[:password]@]server[:port]/[path/]filename[;int=interface_name]

but I did get it to work by setting the system default tftp server:

tftp-server inside [server] /[filename]
write tftp