Q.In an ASA configured as a Transparent Firewall and in Multiple Context mode and a dedicated management interface is configured per context is it necessary to configure a management IP on the same subnet of the Inside/Outside interfaces in order to allow the traffic to pass through?
A: Yes. It is recommended to have management IP for a transparent firewall (or a context) in the same subnet that it lies in. This is used for traffic sourced from the firewall like syslogs, AAA, etc. So,management IP is a must for the transparent firewall even if we have a dedicated management interface. Refer the Information about Transparent Firewall for more details.
Q: Is it possible to share the management interface between contexts or we will have to use separate interfaces for each context?
A: No.For multiple context mode, each context must use different interfaces and you cannot share an interface across contexts. Refer the Transparent Firewall Guidelines for more information.
Q: Can a Management Interface be allocated to a context in an ASA configured as a Transparent firewall?
A: Yes.The transparent security appliance uses an inside interface and an outside interface only. If your platform includes a dedicated management interface, you can also configure the management interface or subinterface for management traffic only. Refer the Transparent Firewall Guidelines for more information.