I have configured the management interface on an ASA 5525 as follows:
interface Management0/0
description MGMT link to GOLABC012SW - F1/0/17 - VLAN 701
management-only
nameif management
security-level 100
ip address 143.16.191.45 255.255.255.0
The ASA is directly connected to the switch with the following switchport config:
interface FastEthernet1/0/17
description ASA MGT port 00
switchport access vlan 701
switchport mode access
spanning-tree portfast
!
interface Vlan701
description Network lab management VLAN
ip address 143.16.191.15 255.255.255.0
The management interface on the ASA and switch is up/up. From the switch I can ping the ASA. But from the ASA I can't ping the switch and I can't even ping my own IP address at 143.16.191.45 on the ASA let alone anything on the 143.16.191.x subnet.
GOLABASA1/sec/actNoFailover# ping 143.16.191.45
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 143.16.191.45, timeout is 2 seconds:
?????
Success rate is 0 percent (0/5)
Here's my ARP table from the ASA. So I am seeing IP hosts from the 143.16.191.x in the ARP table.
GOLABASA1/sec/actNoFailover# sh arp
outside 193.17.99.65 7081.057c.9501 0
serverlan 143.16.80.53 6c20.5665.5ec0 5246
serverlan 143.16.80.49 1cdf.0f83.3240 10814
management 143.16.191.1 7c95.f35b.4ef3 10184
management 143.16.191.26 b4a4.e3ee.96c1 12505
management 143.16.191.29 8cb6.4ff4.51c1 12512
Anyway, I'm a bit of a novice on ASA firewalls. I think I may missing something very basic. Any suggestions on what else to look for would be much appreciated.
