Introduction
This document answers frequently asked questions about the Cisco Adaptive Security Appliance (ASA) in Transparent Mode.
Refer to Cisco Technical Tips Conventions for more information on document conventions.
Q. In an ASA configured as a Transparent Firewall and in Multiple Context mode and a dedicated management interface is configured per context is it necessary to configure a management IP on the same subnet of the Inside/Outside interfaces in order to allow the traffic to pass through?
A: Yes. It is recommended to have management IP for a transparent firewall (or a context) in the same subnet that it lies in. This is used for traffic sourced from the firewall like syslogs, AAA, etc. So,management IP is a must for the transparent firewall even if we have a dedicated management interface. Refer the Information about Transparent Firewall for more details.
Q: Is it possible to share the management interface between contexts or we will have to use separate interfaces for each context?
A: No.For multiple context mode, each context must use different interfaces and you cannot share an interface across contexts. Refer the Transparent Firewall Guidelines for more information.
Q: Can a Management Interface be allocated to a context in an ASA configured as a Transparent firewall?
A: Yes.The transparent security appliance uses an inside interface and an outside interface only. If your platform includes a dedicated management interface, you can also configure the management interface or subinterface for management traffic only. Refer the Transparent Firewall Guidelines for more information.
Introduction
Source: https://supportforums.cisco.com/thread/2037273?tstart=0