01-22-2014 12:59 PM - edited 03-11-2019 08:34 PM
I have two ASA5515s in HA mode, that is working fine. The issue I'm having is I want to access those ASAs via the Mgmt interfaces. The respective interfaces are connected to a 6509 as a routed connection on different bladed. Example. FW-PRI is on gi2/24 and FW-SEC is on gi3/24. That works just fine until I bring up the HA connection and the active FW-PRI pushes the configuration over to the FW-SEC. My question is can the managment interfaces be exluded from the HA fail-over and keep its static assigned ip address?
Solved! Go to Solution.
01-24-2014 02:28 PM
Don't use routed interfaces on the management ports, instead use a VLAN that both management ports belong to.
01-23-2014 02:32 PM
Hello Bruce,
We cannot exclude part of the configuration from being replicated if that is what you are asking.
You can exclude the interface from being monitored basically.
Not sure how or what IPs you are assigning, the IP to the seconday ASA is configured from the primary Firewall.
Regards,
Felipe.
Remember to rate useful posts.
01-24-2014 02:28 PM
Don't use routed interfaces on the management ports, instead use a VLAN that both management ports belong to.
01-24-2014 08:57 PM
That is what I did, created an SVI and assigned each management interface to the SVI. Works just fine.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide