ASA Mana0/0 Interface for Rescue

Unanswered Question
Jun 22nd, 2009
User Badges:

We have been using the management0/0 interface for the failover process with success. I have a co-worker who claims this is not recommended. Has anyone got decisive information either for or against this practice?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Collin Clark Mon, 06/22/2009 - 12:55
User Badges:
  • Purple, 4500 points or more

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00807dac5f.shtml


Cisco recommends that you do not use the management interface for failover, especially for stateful failover in which the security appliance constantly sends the connection information from one security appliance to the other. The interface for failover must be at least of the same capacity as the interfaces that pass regular traffic, and while the interfaces on the ASA 5540 are gigabit, the management interface is FastEthernet only. The management interface is designed for management traffic only and is specified as management0/0.

Actions

This Discussion