Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA-5520 Multiple-context - Mgmt Inteface problem...

I have the following issue with the management interface of an ASA5520 running version 7.0(7).

I'm currently using two contexts in transparent mode.

The management interface is currently assigned to the admin-context and is physically connected to a cat4500 switch in a management Vlan.

The issue is that I have intermitent communication with this IP address from the 4500 and I just can't explain what's going on, the IP address configured in the management port is not repeated in the vlan and the interface vlan in the 4500 is always UP.

This is the configuration I am using in ASA:

*****system space*****

firewall transparent


interface GigabitEthernet0/0


interface GigabitEthernet0/1


interface GigabitEthernet0/2


interface GigabitEthernet0/3


interface Management0/0

speed 100

duplex full


admin-context admin

context admin

allocate-interface GigabitEthernet0/0

allocate-interface GigabitEthernet0/1

allocate-interface Management0/0


context VPN

allocate-interface GigabitEthernet0/2

allocate-interface GigabitEthernet0/3



interface Management0/0

nameif gestion

security-level 0



interface GigabitEthernet0/0

nameif inside

security-level 100


interface GigabitEthernet0/1

nameif outside

security-level 0


access-list 199 extended permit ip any any


mtu gestion 1500

mtu inside 1500

mtu outside 1500

ip address

arp timeout 14400

access-group 199 in interface gestion

access-group 100 in interface inside

access-group 101 in interface outside

route gestion 1


aaa authentication ssh console LOCAL

http server enable

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart

telnet timeout 5

ssh gestion

ssh timeout 5

ssh version 1

dhcpd lease 3600

dhcpd ping_timeout 50


As I explained it is possible to log into the ASA using SSH but the connection is dropped at some point. I also need to upgrade the software version but the tftp session is dropped due to lack of conectivity.

Does anybody have a clue regarding the possible solution?

Many thanks


Re: ASA-5520 Multiple-context - Mgmt Inteface problem...

The adaptive security appliance has a dedicated interface for device management that is referred to as the Management0/0 port. The Management0/0 port is a Fast Ethernet interface. This port is similar to the Console port, but the Management0/0 port only accepts incoming traffic to the adaptive security appliance.You can configure any interface to be a management-only interface using the management-only command. You can also disable management-only mode on the management interface. For more information about this command, see the management-only command in the Cisco Security Appliance Command Reference prsent in the link below:

refer the link below for troubleshooting guide: