Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ASA management interface

Cisco recommends that you do not use the management interface for failover, especially for stateful failover in which the security appliance constantly sends the connection information from one security appliance to the other. But, for Management 0/0, you can disable management-only mode so the interface can pass through traffic just like any other interface.

Is the management0/0 interface doing stateful failover once we execute 'no management-only' command?

1 REPLY

ASA management interface

Naveen,

Once you disable management-only  from mgt0/0  interface it simply becomes a regular routed interface just like any other physical interface from the firewall.  This does not means it  will automatically do stateful failover function,  for this function you need to configure it as such.

If you decide to use mgt0/0 interface as dedicated stateful interface it is fine , you will need to follow   the example configuration in this  link ,  see step 4 for details.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00807dac5f.shtml

About management-only

http://www.cisco.com/en/US/docs/security/asa/asa83/command/reference/m.html#wp2112407

About stateful  failover configuration

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00807dac5f.shtml

Regards

430
Views
0
Helpful
1
Replies
CreatePlease to create content