Azure ASAv - Have Dedicated Management Interface and use Outside

mumbles202 · ‎05-01-2024

So I've deployed an ASAv in Azure and it's been assigned a static ip for it's management interface. I'm able to reach the unit and configure it as normal, but I'm not able to remove the "no management-only" command from "interface management0/0". I'd like to leave that as a dedicated management interface and use Gi 0/0, which I have tagged as outside, for all outbound traffic and the interface for AnyConnect.

I imagine I could change the management port to something other than 443 and then just use the management interface for all traffic. Is that the standard way when deploying this firewall in Azure?

I have access to another ASAv in Azure that was deployed the way I initially described, but I'm not able to duplicate that for this newly deployed unit.

mumbles202 · ‎05-03-2024

I was able to get this running w/ the Management interface as the only 1 w/ a public ip and so far it's working. I'll revisit it again to see if I can move the traffic if needed.