Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1394
Views
0
Helpful
0
Replies

ASA Management routing table

Mokhalil82
Level 4
Level 4

‎08-21-2020 02:56 AM

Hi

 

We have 2 DCs both with HA pair of ASA5516-X firewalls. I use the management interfaces for management purposes. I was trying to configure logging to a syslog server. Syslog server IP is 10.10.10.1

My logging config is:

logging host management 10.10.10.1 udp/1514

logging trap informational

route management 10.10.10.1 255.255.255.255 10.190.11.1

All traffic is allowed outbound on the interfaces

 

In one DC this works fine and syslog is sent out via the management interface. In the other DC however the traffic gets routed via the inside interface. Now both ASAs have a route to the inside interface for network 10.10.0.0/16 also but i expected the management route for the more specific ip to take precedence

 

What im trying to figure is how come on one ASA this works fine, whereas on the other is is still trying to route it via the inside interface. There is a software version difference, the one that routes correctly out the management interface is on 9.12(2) however the other one is 9.8(2).

 

Looking into this I seen there was a new feature of a separate management routing table from version 9.5 onwards. Is it possible I need to upgrade the firewall from version 9.8 to the latest?

 

Thanks

 

0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card