03-21-2016 10:13 AM - edited 03-12-2019 12:31 AM
What is the function of MGMT port of Cisco asa ? I am looking detail about this .
Solved! Go to Solution.
03-21-2016 11:25 AM
Also, keep in mind that to access the ASA remotely over VPN you will need to add the route-lookup keyword at the end of the NAT exempt statement (This is as of ASA version 9.1 if I remember correctly)
--
Please remember to select a correct answer and rate helpful posts
03-21-2016 10:37 AM
Hi,
It is used for Out-of band management purpose if any network outage in Production Interface.
03-21-2016 11:13 AM
Hi Marius ,
Thanks for the replying my question !
Hi Sachintambat , will you please explain me in detail about Out-of -band management. Actually I am looking for this so that I will remotely manage our asa . We really want to turn on/off remote asa using some technology.
Thanks a lot . I appreciate your help.
-Sulochana
03-21-2016 11:19 AM
Out of band just means it is a separate network used only for management traffic which is not accessible by any other network in your environment. So you basically build another network parallel to your data network.
As far as I know the ASA does not have an ILO feature (similar to what you get with HP servers). So turning on / off an ASA remotely is not possible, with the exception of just restarting the ASA.
--
Please remember to select a correct answer and rate helpful posts
03-21-2016 10:38 AM
If you are asking about the management-access command then this command restricts the interface this command is configured on to only accept management traffic or to the box traffic. such as SSH, HTTPS, SNMP, etc. Through the box data traffic is not permitted when this command is configured.
If you are talking about the managment interface itself then this is just a normal interface but it is limited to 100Mbps. You can remove the management-access command from this interface and use it as a normal data interface if you want.
--
Please remember to select a correct answer and rate helpful posts
03-21-2016 11:18 AM
Hi Marius,
Do you have any link for this so that I will grasp this in detail. We have asa and the port is shutdown. We want to utilize this port .I really want to learn detail about management-access command.
Thank you,
-Sulochana
03-21-2016 11:23 AM
management-access is used only over VPN (either remote access or site 2 site VPN). This allows the administrator to ping and access the defined interface defined by the management-access command. This is the only use for this command.
--
Please remember to select a correct answer and rate helpful posts
03-21-2016 11:25 AM
Also, keep in mind that to access the ASA remotely over VPN you will need to add the route-lookup keyword at the end of the NAT exempt statement (This is as of ASA version 9.1 if I remember correctly)
--
Please remember to select a correct answer and rate helpful posts
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide