Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
644
Views
0
Helpful
4
Replies

Managing logical device ASA from Firepower 4120 physical management port

Go to solution
gb7832
Level 1
Level 1

‎01-30-2018 05:37 PM - edited ‎02-21-2020 07:14 AM

I can't find any documentation that this is doable. 

It seems that I need to burn one of the 8 ports to manage the logical ASA directly.

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎01-30-2018 09:36 PM

That's correct. The physical management port is for management of the chassis.

 

Logical devices need to have a port assigned from among the interfaces allocated to them. If it's an ASA logical device, you can allow management from a data interface.

View solution in original post

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to gb7832

‎01-31-2018 08:59 AM

The part about needing to allocate an interface for management of an FTD logical device is true.

 

The difference is that an FTD device must have a dedicated management/eventing interface to talk to the managing FMC. You don't have the option of relying solely on the "inside" or other such interface like you can with an ASA logical device.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎01-30-2018 09:36 PM

That's correct. The physical management port is for management of the chassis.

 

Logical devices need to have a port assigned from among the interfaces allocated to them. If it's an ASA logical device, you can allow management from a data interface.

0 Helpful

Go to solution
gb7832
Level 1
Level 1
In response to Marvin Rhoads

‎01-31-2018 08:10 AM

Thanks for the confirmation. 

 

Is this, also, true if my logical device is FTD?

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to gb7832

‎01-31-2018 08:59 AM

The part about needing to allocate an interface for management of an FTD logical device is true.

 

The difference is that an FTD device must have a dedicated management/eventing interface to talk to the managing FMC. You don't have the option of relying solely on the "inside" or other such interface like you can with an ASA logical device.

0 Helpful

Go to solution
gb7832
Level 1
Level 1
In response to Marvin Rhoads

‎02-02-2018 08:19 AM

Awesome info!  Thanks Marvin!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card