True OOB management on ASA

Unanswered Question
Nov 22nd, 2008


I was just curious if anyone heard any Cisco's plans to implement a true OOB management interface on ASAs, so this interface does not use the global routing table (has some kind of a default GW for itself or maybe a policy based routing statement), the current implementation of "management-only" is pretty much useless (I can put such interface in my management vlan/subnet but what if I have remote VPN devices connected to this ASA that also need to access the same management vlan?)


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Farrukh Haroon Sun, 11/23/2008 - 01:23

You can make a separate context and place only the management interface in it.

However you will loose the VPN functionality as soon as you go to 'multiple' context mode :)



dmitry Sun, 11/23/2008 - 11:23

Exactly, there will be no VPN functionality, which is the problem. Something similar to VRF-Lite on ASA without the VPN restrictions of multi context would be perfect.

Farrukh Haroon Sun, 11/23/2008 - 21:56

You can request this feature through your local Cisco AM/SE. If many people request it, it has high likelihood of appearing in future software releases.



phmazzoni Tue, 01/05/2010 - 08:13

A true OOB management would be very useful!

Without a separate routing instance this interface is useless.


This Discussion