Re: Setting up Managment interface in ASA 5525

ermionline · ‎07-16-2019

I have ASA 5525 which is connected to a layer 3 switch and i use the inside interface to manage the ASA and i never used the management interface. But now i wanted to use the ASAs management interface, so can you please help me to configure the management interface including the physical cabling and the necessary routing.

balaji.bandi · ‎07-16-2019

Is this Management Interface is Out of band Management ? if MGMT interface also belong to same network as LAN, connect to switch configure switch port as access port in the same VLAN. so you able to connect.

make sense ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

ermionline · ‎07-16-2019

No Managment interface is not same VLAN as LAN.

Marvin Rhoads · ‎07-16-2019

Just configure it like any other interface. The only tricky bit is routing.

Historically the ASA had only a single global routing table so traffic from the management interface trying to get back to some internal subnet didn't easily have a return path (since traffic cannot flow from the management interface through the ASA). So unless you were running a true out of band management network, routing was challenging.

Since ASA 9.5(1) we have the option of setting up a separate management routing table.

https://www.cisco.com/c/en/us/td/docs/security/asa/asa95/configuration/general/asa-95-general-config/route-overview.html#concept_40C0C8DE2C1247319250B9F7706C54A5