Enable Internet Traffic in Management Interface

Answered Question
Apr 19th, 2017
User Badges:

Hello


I am using Management Interface in native VLAN and  I am using IP addresses of the Native VLAN for my networking devices. Now i am not able to access from other VLAN. I want to enable Internet Traffic to my Management interface (Mang 0/0). 

Please let me know how i can do that.


Correct Answer by Mark Malone about 2 months 6 days ago

Hi

The actual physical separate  MGMT port is not a full routable port , its a stripped down Layer 3 port with only certain MGMT functions , it cant be used for routing production traffic

Its in its own dedicated interface separate from the control plane of production traffic


This is all it supports


Supported Features on the Ethernet Management Port

The Ethernet management port supports these features:

  • Express Setup (only in switch stacks)

  • Network Assistant

  • Telnet with passwords

  • TFTP

  • Secure Shell (SSH)

  • DHCP-based autoconfiguration

  • SMNP (only the ENTITY-MIB and the IF-MIB)

  • IP ping

  • Interface features
    • Speed—10 Mb/s, 100 Mb/s, and autonegotiation

    • Duplex mode—Full, half, and autonegotiation

    • Loopback detection

  • Cisco Discovery Protocol (CDP)

  • DHCP relay agent

  • IPv4 access control lists (ACLs)

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Mark Malone Wed, 04/19/2017 - 02:31
User Badges:
  • Purple, 4500 points or more
  • Cisco Designated VIP,

    2017 LAN

Hi

The actual physical separate  MGMT port is not a full routable port , its a stripped down Layer 3 port with only certain MGMT functions , it cant be used for routing production traffic

Its in its own dedicated interface separate from the control plane of production traffic


This is all it supports


Supported Features on the Ethernet Management Port

The Ethernet management port supports these features:

  • Express Setup (only in switch stacks)

  • Network Assistant

  • Telnet with passwords

  • TFTP

  • Secure Shell (SSH)

  • DHCP-based autoconfiguration

  • SMNP (only the ENTITY-MIB and the IF-MIB)

  • IP ping

  • Interface features
    • Speed—10 Mb/s, 100 Mb/s, and autonegotiation

    • Duplex mode—Full, half, and autonegotiation

    • Loopback detection

  • Cisco Discovery Protocol (CDP)

  • DHCP relay agent

  • IPv4 access control lists (ACLs)

ashutosh.joshi1 Fri, 04/21/2017 - 01:55
User Badges:

So i want to know how can i access my ASA from another vlan/interface. I enable same security level but traffic is not enabled yet.

When i want to access ASA i need to connect the same network then i can.

Please let me know

Mark Malone Wed, 04/19/2017 - 04:01
User Badges:
  • Purple, 4500 points or more
  • Cisco Designated VIP,

    2017 LAN

No sorry its just not programmed to take it , the whole point of the MGMT is its segregated from the current routing control plane so if there is an issue and the device goes into a spin say with a loop or CPU hog you can still access the router through a backdoor MGMT port that's physically separate and built for that purpose

If it was able to and the device went haywire that port would also go offline , leaving you without any access , MGMT ports are like another form of console port basically with a few extra options , we have them in use but use them as a parallel network for the purpose of reachability when there's a major issue to a device

Actions

This Discussion