VPN and the Management Interface on ASA5510

retail · ‎01-09-2007

Hello, I currently have an ASA5510 test setup using the physical inside interface (10.0.1.X) as a management network and a VLAN inside subinterface (192.168.0.X) network as the corporate LAN. I currently VPN into the ASA5510 to access both networks behind the inside interface. I know this isn't the best way to do this as I am just testing the VLAN capabilities. I would like to ultimately move the management network (10.0.1.X) to the physical management interface and move the corp LAN (192.168.0.X) to the physical inside interface, getting rid of the VLAN on the inside. My question is: will I be able to access the management interface from my VPN as before if I do this? What are the capabilities/limitations of the management physical interface?

Any help or advice on how best to accomplish this would be appreciated.

wong34539 · ‎01-15-2007

Yes you can use the management interface as a regular interface. All you have to do is go into the management interace configuration mode and enter:

no management-only

Then you can use the interface as if it was a regular interface.

d8k2s9g2k · ‎01-15-2007

When I go into the asdm to disable management on the interface, the checkbox: "Dedicate this interface to management only" is greyed out and unavailable. I tried it through the cli as well but it said that, "management-access not enabled on interface 'management'". I guess it is a licensing thing or something.