Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2955
Views
5
Helpful
5
Replies

ASAv Management-Only setting

dkmz
Level 1
Level 1

‎06-02-2020 03:49 PM

I'm trying to deploy ASAv in Azure and as the docs suggest, the management-only setting should be removed from the Management interface since "...the Management interface is the only interface that can have an Azure public IP address associated with it. Because of this, the ASAv in Azure allows though-data traffic on the Management interface."

 

However, when I'm trying to configure the ASAv in ASDM, the checkbox for "Dedicate this interface to management only" (under Interface Settings->Interfaces)  keeps reverting to checked, every time I uncheck it and click Apply.  I need to configure AnyConnect VPN on the Management Interface and the only way the wizard allows that interface as a VPN option in the dropdown box is if the above mentioned checkbox is unchecked.

 

If this is some type of bug, another option that might work is if there was an easy way to route incoming VPN requests on the Management interface to one of the other interfaces where I can enable VPN but I'm new to this and haven't gotten that far yet.

2 people had this problem
0 Helpful
5 Replies 5

Sheraz.Salim
VIP
VIP

‎06-02-2020 04:13 PM

what is the ASA code you running and what is the ASDM version you on? curious if you have a CLI accesses. you can manually give it the commands.

interface man0/0
nameif mgmt
security-level 0
ip address x.x.x.x x.x.x.x
no managment-only
!
please do not forget to rate.
0 Helpful

dkmz
Level 1
Level 1
In response to Sheraz.Salim

‎06-02-2020 04:25 PM

ASDM Version 7.14(1)

ASA Version 9.14(1)

Privilege Level 15

 

I've tried the following commands in an SSH session but the ASDM doesn't seem to recognize the changes (or reverts them back before I can tell):

 

enable
conf t
interface management 0/0
no management-only

0 Helpful

Sheraz.Salim
VIP
VIP
In response to dkmz

‎06-02-2020 04:31 PM

once you apply the changes from the CLI/SSH do refresh the ASDM. it will show you the new changes.

please do not forget to rate.

dkmz
Level 1
Level 1
In response to Sheraz.Salim

‎06-02-2020 04:35 PM

I renamed to mgmt and set security level back to 0 and it picked those changes up, but still not the management-only, where the box remains checked

0 Helpful

seckka21
Level 1
Level 1
In response to dkmz

‎08-24-2022 03:44 PM

Hello

I have the same issue.I would like to uncheck the managemen box.

Cordially

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card