Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

ASA in HA mode/management access.

  I have two ASA5515s in HA mode, that is working fine. The issue I'm having is I want to access those ASAs via the Mgmt interfaces. The respective interfaces are connected to a 6509 as a routed connection on  different bladed.  Example. FW-PRI is on gi2/24 and FW-SEC is on gi3/24.  That works just fine until I bring up the HA connection and the active FW-PRI pushes the configuration over to the FW-SEC.  My question is can the managment interfaces be exluded from the HA fail-over and keep its static assigned ip address?                

1 ACCEPTED SOLUTION

Accepted Solutions

ASA in HA mode/management access.

Don't use routed interfaces on the management ports, instead use a VLAN that both management ports belong to.

3 REPLIES
Bronze

ASA in HA mode/management access.

Hello Bruce,

We cannot exclude part of the configuration from being replicated if that is what you are asking.

You can exclude the interface from being monitored basically.

Not sure how or what IPs you are assigning, the IP to the seconday ASA is configured from the primary Firewall.

Regards,

Felipe.

Remember to rate useful posts.

ASA in HA mode/management access.

Don't use routed interfaces on the management ports, instead use a VLAN that both management ports belong to.

New Member

ASA in HA mode/management access.

That is  what I did, created an SVI and assigned each management interface to the SVI. Works just fine.

307
Views
0
Helpful
3
Replies
CreatePlease to create content