
ASAv in Azure: Can't change management-only for through traffic, ver 9.14

misterit
Level 1

We are setting up an IPsec VPN tunnel from a local site to an ASAv in Azure. We had to blow away the old ASAv due to a ton of issues and now I can't get the port out of management-only. Per the docs, Management is the only interface that will allow a public IP address. On the previous ASAv I had the public IP on the management port as the peer for our IPsec tunnel. Is this a new version or something with the deployment of ASAv in Azure infrastructure? Minimal experience here with Azure, but from the docs we see the ASAv and routing in the Azure infrastructure is a bit wacky and the IP is assigned via Azure DHCP. I pulled up ASDM and it lets me change the management-only option, but as soon as I apply it, it goes right back. Did it in the CLI as well and it seems it would be turned off, but it's not, so I can't set up the tunnel.

 


interface Management0/0
no management-only
nameif management
security-level 0
ip address dhcp setroute

2 Replies

- Is this a new version or something with the deployment of ASAv in Azure infrastructure?

That's correct. In ASAv you have management and Gig interfaces.

 

- I pulled up ASDM and it lets me change the management only option but soon as I apply it it goes right back

I never worked on Azure ASAv in the cloud, but I have heard similar stories/problems to the one you mentioned.

 

here 

Note

In Azure, the first defined interface, which is always the Management interface, is the only interface that can have an Azure public IP address associated with it. Because of this, the ASAv in Azure allows through-data traffic on the Management interface. Therefore the initial configuration for the Management interface does not include the management-only setting.

Please do not forget to rate.

stevenmc13
Level 1

Has anyone managed to figure this out? I am having the same issue: I cannot set up the tunnel because the interface reverts to management-only, even though on the CLI it is set to "no management-only".
