Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
654
Views
0
Helpful
1
Replies

ASA management interface

Naveen Gupta
Level 1
Level 1

‎11-01-2011 02:43 PM

Cisco recommends that you do not use the management interface for failover, especially for stateful failover in which the security appliance constantly sends the connection information from one security appliance to the other. But, for Management 0/0, you can disable management-only mode so the interface can pass through traffic just like any other interface.

Is the management0/0 interface doing stateful failover once we execute 'no management-only' command?

Labels:
0 Helpful
1 Reply 1

JORGE RODRIGUEZ
Level 10
Level 10

‎11-01-2011 06:47 PM

Naveen,

Once you disable management-only  from mgt0/0  interface it simply becomes a regular routed interface just like any other physical interface from the firewall.  This does not means it  will automatically do stateful failover function,  for this function you need to configure it as such.

If you decide to use mgt0/0 interface as dedicated stateful interface it is fine , you will need to follow   the example configuration in this  link ,  see step 4 for details.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00807dac5f.shtml

About management-only

http://www.cisco.com/en/US/docs/security/asa/asa83/command/reference/m.html#wp2112407

About stateful  failover configuration

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00807dac5f.shtml

Regards

Jorge Rodriguez
0 Helpful
Customers Also Viewed These Support Documents