Redundant Interfaces with Management0/0 on ASA5510

Answered Question
Jan 7th, 2009
User Badges:

Readers,


Is it possible to configure redundant interfaces on the Management port?


Thanks,


Timothy

Correct Answer by lmslattery about 7 years 12 months ago

Hi Raj... Sorry I don't agree with your response here.


It is possible to group interfaces on the same firewall for redundancy with the "Interface Redundant" command. Unfortunately though the Managment port can't be included in a interface bundle , even if you are using it to pass traffic as a standard port....which doesn't make sense to me.



Correct Answer by sachinraja about 8 years 2 months ago

Ya Timothy. I think that was what I had replied to. Technically not possible to group, on the same firewall. If you need redundancy, you need to have a failover firewall.


or else, if you want, u can monitor the firewall on other ports available.


Does this answer your question ?


Happy New year. have a great year ahead.


Raj

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (4 ratings)
Loading.
sachinraja Wed, 01/07/2009 - 21:28
User Badges:
  • Red, 2250 points or more

Timothy


normal ASA boxes just have a single management interface.. I really dont feel the need for redundancy here.. If you need one, you can get a failver ASA box, and build up redundancy..


in any case, you have other interaces like inside, through which you can enable management, like telnet, http etc, if required.. or any other DMZ interface (say network management DMZ)... its all flexible.. with all these, i really dont see any need for a redundant management port...


Hope this helps.. all the best..


Raj

tbogie_gvds Thu, 01/08/2009 - 14:26
User Badges:

Raj,


If possible, I was looking for a technical answer rather than your feelings for the soundness of my question.


Thanks,


Timothy

sachinraja Thu, 01/08/2009 - 16:16
User Badges:
  • Red, 2250 points or more

Sorry Timothy.. Did not get what you are saying ! wasnt it technical ? anyways, all the best...


Raj

tbogie_gvds Thu, 01/08/2009 - 16:23
User Badges:

Raj,


All I ws trying to find out was is it technically possible to configure another physical interface on an ASA5510 as a management interface and then have it assigned along with Management0/0 as a redundant group?


Thanks,


Timothy

Correct Answer
sachinraja Thu, 01/08/2009 - 16:29
User Badges:
  • Red, 2250 points or more

Ya Timothy. I think that was what I had replied to. Technically not possible to group, on the same firewall. If you need redundancy, you need to have a failover firewall.


or else, if you want, u can monitor the firewall on other ports available.


Does this answer your question ?


Happy New year. have a great year ahead.


Raj

tbogie_gvds Thu, 01/08/2009 - 17:50
User Badges:

Raj,


Ok, Thanks. You have answered my question.


Many Thanks for your quick reply.


Timothy

sachinraja Thu, 01/08/2009 - 19:15
User Badges:
  • Red, 2250 points or more

You are welcome Timothy.. We are always here to learn more and share our knowledge & experience... let us know if you need any more infoo... :)


Raj

Correct Answer
lmslattery Wed, 04/01/2009 - 21:41
User Badges:

Hi Raj... Sorry I don't agree with your response here.


It is possible to group interfaces on the same firewall for redundancy with the "Interface Redundant" command. Unfortunately though the Managment port can't be included in a interface bundle , even if you are using it to pass traffic as a standard port....which doesn't make sense to me.



tbogie_gvds Thu, 04/02/2009 - 21:45
User Badges:

Great answer! The level of detail that you have provided is vey much appreciated.


ThankYou!


Actions

This Discussion