Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA Appliance Management Interface Routing

Hello ASA Experts,

    Looking for assistance with routing on an ASA in terms of the management interface.  I've always had sketchy results so never really used the Man interface but now I have to.  My question is will the below cause issues or does it work like a VRF on a router?:

route inside 0.0.0.0 0.0.0.0 10.1.1.1

route management 0.0.0.0 0.0.0.0 10.2.2.2

Basically will this cause an outage by routing packets through both interfaces or will this work just fine?

Any assistance would be much appreciated.

/r

Rob

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

ASA Appliance Management Interface Routing

Rob,

All ASA interfaces, including those labeled management, share the same routing table (assuming routed mode, single-context).  Thus, you need to be consciencious of packet flow through the device to avoid forwarding traffic out the wrong interface or asyncronously.

Best,

Christopher

4 REPLIES
Purple

ASA Appliance Management Interface Routing

Hi,

the management interface will not forward data traffic so normally it should not cause any problem for inside data traffic but I've never tried it though.

Regards.

Alain

Don't forget to rate helpful posts.
Hall of Fame Super Silver

ASA Appliance Management Interface Routing

There is some documentation of how routing decisions are made in ASAs in the configuration guide. You can have a default on multiple interfaces but I haven't seen the need to put one on management interface before. Running an actual routing protocol (like OSPF or EIGRP) is preferable.

It's not really like a VRF in that there is only one RIB on an ASA.

Cisco Employee

ASA Appliance Management Interface Routing

Rob,

All ASA interfaces, including those labeled management, share the same routing table (assuming routed mode, single-context).  Thus, you need to be consciencious of packet flow through the device to avoid forwarding traffic out the wrong interface or asyncronously.

Best,

Christopher

New Member

ASA Appliance Management Interface Routing

Christopher,

Thanks a lot.

Rob

969
Views
5
Helpful
4
Replies
CreatePlease login to create content