Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
704
Views
0
Helpful
1
Replies

ASA Management / L3 Routing

CompuVision Admin
Level 1
Level 1

‎04-20-2011 09:20 AM - edited ‎03-04-2019 12:08 PM

I have an ASA 5510 connected to our L3 Core ProCurve switch.The ProCurve handles all inter-vlan routing.

ASA Internal VLAN253: 10.253.253.1

ProCurve VLAN253: 10.253.253.2

ProCurve Default Route: 0.0.0.0 0.0.0.0 10.253.253.1

I have a management VLAN/subnet on the network. 10.1.5.0/24. I also have the Management interface on the ASA configured @ 10.1.5.1/24. I want the management subnet/vlan to have WAN access. The problem is that all outbound traffic goes out the default route to 10.253.253.1 like it should but return traffic comes over the Management link since it is directly connected to the 10.1.5.0/24 network.

Is there any way around this? I've been rackin my brain and can't think of anything short of removing the managment interface and just using the Internal ASA interface for management purposes.

Cheers

Labels:
0 Helpful
1 Reply 1

thiland
Level 3
Level 3

‎05-02-2011 11:35 AM

I think the general purpose of the management interface on the ASA is when you are using transparent mode.

Some ideas:

  • Move to multicontext mode and have the Management VLAN in the Admin context and ASA Internal VLAN in a different context
  • Add more specific static routes on the ASA for your management hosts to route 10.1.5.0/24 to 10.253.253.2
  • Make the maangement interface subnet mask on your ASA a /30 (or something outside the range of your WAN-enabled management traffic), but leave your ProCurve alone.
  • Create a dedicated ASA mgmt subnet that doesn't overlap with 10.1.5.0/24

I didn't say they were good ideas

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card