Ace management vlan question

Unanswered Question
Mar 25th, 2009
User Badges:

I would like to deploy multiple contexts on my ace. I am wondering if I can use the same management vlan for all of them or do i need to use different vlans? I would like to use mulitple contexts behind one fwsm for product management reasons, but i only really want one management vlan.


thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Syed Iftekhar Ahmed Wed, 03/25/2009 - 10:46
User Badges:
  • Blue, 1500 points or more

Yes.

You can use a shared management vlan. All the interface among the different contexts (connected to management vlan) needs to have a unique IP.


Also If you are planning to manage these contexts from remote networks then you need static routes for these remote networks.



HTH

Syed Iftekhar Ahmed


RAMAN AZIZIAN Mon, 02/08/2010 - 08:54
User Badges:

Hi Syed,


Can you kindly explain where the static route would need to be applied?

If the management vlan is shared among all the Contexts, and each context have a unique IP address, does the static route get applied at each context (user defined, and admin), and the Sup card?


Thanks for any feedback.


Raman Azizian

dario.didio Tue, 02/09/2010 - 05:31
User Badges:
  • Silver, 250 points or more

Hi,


If you have a managment IP subnet (VLAN) and you want to give each context a unique IP address out of this subnet, then you need to have in each context these static routes defined, because each context has its own routing table.


For example:



Managment subnet 172.16.0.0/24 - router 172.16.0.254

CONTEXT 1     172.16.0.10/24

CONTEXT 2     172.16.0.11/24           

CONTEXT 3     172.16.0.12/24


Management station: 10.0.0.10/24


in this case, in each context you would configure

ip route 10.0.0.10 255.255.255.255 172.16.0.254


assuming your router has a route to reach the management station.


HTH,

Dario

Actions

This Discussion