Hi,
Is it possible to use the mgmt port on a Cisco ASA 5520 for failoverlink to the standby firewall? The ASA 5520 has four gigabit interfaces and one 100 Mb/s interface as management port.
I don't want to waste a usless port and we use management on inside interface anyway. According to the docs the failover interface must be a dedicated interface.
Thanks in advance, Bernd
I'm not an expert in the ASA world, but in all of the Cisco products I have ever used, a dedicated management port cannot serve a dual purpose........They are usually on separate internal components and are limited in functionality.
Hmm. on the ASA 5520 and 5510 the management port appears as a normal interface like the other fours. With the ASDM i can assign a security level and also mark it as management only or not. The ASA 5505 is even more flexible: It has a 8 port switch and one can assign vlans on the ports one wants.
Currently the management port is not connected on our ASA5520. We do the configuration on the inside interface and for emergency we have the serial port.
Bye Bernd
The management interface can pass traffic like any other interface . You just need to remove the line;
management-only
And though it is recommended that the failover interface be dedicated , it is not mandatory, and it could easily cohabit with small management traffic.
Hi,
I have recently configured an ASA 5510 Management interface as the Failover interface. ! interface Management0/0 description LAN Failover Interface ! failover failover lan unit primary failover lan interface LAN_Failover Management0/0 failover key **** failover replication http failover interface ip LAN_Failover 172.X.X.1 255.255.255.252 standby
172.X.X..2Works OK for me.
Regards
Darren
Hi Darren,
Many thanks for your answerl I'll try this.
Regards, Bernd
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.