01-22-2014 12:59 PM - edited 03-11-2019 08:34 PM
I have two ASA5515s in HA mode, that is working fine. The issue I'm having is I want to access those ASAs via the Mgmt interfaces. The respective interfaces are connected to a 6509 as a routed connection on different bladed. Example. FW-PRI is on gi2/24 and FW-SEC is on gi3/24. That works just fine until I bring up the HA connection and the active FW-PRI pushes the configuration over to the FW-SEC. My question is can the managment interfaces be exluded from the HA fail-over and keep its static assigned ip address?
Solved! Go to Solution.
01-24-2014 02:28 PM
Don't use routed interfaces on the management ports, instead use a VLAN that both management ports belong to.
01-23-2014 02:32 PM
Hello Bruce,
We cannot exclude part of the configuration from being replicated if that is what you are asking.
You can exclude the interface from being monitored basically.
Not sure how or what IPs you are assigning, the IP to the seconday ASA is configured from the primary Firewall.
Regards,
Felipe.
Remember to rate useful posts.
01-24-2014 02:28 PM
Don't use routed interfaces on the management ports, instead use a VLAN that both management ports belong to.
01-24-2014 08:57 PM
That is what I did, created an SVI and assigned each management interface to the SVI. Works just fine.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: