Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
481
Views
0
Helpful
0
Replies

ASA Management Interface Routing

dave.m162
Level 1
Level 1

‎02-14-2022 04:03 AM

I have an issue with the management port on an ASA5516 (9.14(2)8). I have an EEM script that backups the ASA on an issue of the "wr" command, and each night at 00:00 using FTP (secure). This works fine on other the other ASA's I have and, it used to work fine on this one until recently. 

 

An issue has arisen since one of the networks attached started to advertise a /16 summary route into my main routing table as an OSPF E2 route. As this is coming from an externally connected network (which I have no control over) and the ASA is not an ABR I have no way to filter out this route, at least none that I tried so far. The problem with this summary route is that it overlaps with the subnet on the management interface. For general management this doesn't seem to be an issue, everything still works fine via the management port but, the EEM script and manual backups using the FTP commands no longer work while this summary route exits in the main routing table. 

 

To test this is the issue I have closed the port to the offending network and backups work fine and they continue to work for a short while once the port is open until the E2 summary route is re-listed in the main routing table. Nothing I have tried to force the FTP traffic over the management port seems to work. Even specifically specifying the management port in the copy FTP command seems to be ignored as long as the /16 is in the main routing table. 

 

Does anyone have any ideas of how this can be fixed/worked around etc?

0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card