Ace management vlan question

Unanswered Question
Mar 25th, 2009

I would like to deploy multiple contexts on my ace. I am wondering if I can use the same management vlan for all of them or do i need to use different vlans? I would like to use mulitple contexts behind one fwsm for product management reasons, but i only really want one management vlan.

thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Syed Iftekhar Ahmed Wed, 03/25/2009 - 10:46

Yes.

You can use a shared management vlan. All the interface among the different contexts (connected to management vlan) needs to have a unique IP.

Also If you are planning to manage these contexts from remote networks then you need static routes for these remote networks.

HTH

Syed Iftekhar Ahmed

RAMAN AZIZIAN Mon, 02/08/2010 - 08:54

Hi Syed,

Can you kindly explain where the static route would need to be applied?

If the management vlan is shared among all the Contexts, and each context have a unique IP address, does the static route get applied at each context (user defined, and admin), and the Sup card?

Thanks for any feedback.

Raman Azizian

dario.didio Tue, 02/09/2010 - 05:31

Hi,

If you have a managment IP subnet (VLAN) and you want to give each context a unique IP address out of this subnet, then you need to have in each context these static routes defined, because each context has its own routing table.

For example:

Managment subnet 172.16.0.0/24 - router 172.16.0.254

CONTEXT 1     172.16.0.10/24

CONTEXT 2     172.16.0.11/24           

CONTEXT 3     172.16.0.12/24

Management station: 10.0.0.10/24

in this case, in each context you would configure

ip route 10.0.0.10 255.255.255.255 172.16.0.254

assuming your router has a route to reach the management station.

HTH,

Dario

Actions

This Discussion