Filter
Top Products
12-3
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 12 Starting Interface Configuration (ASA 5510 and Higher)
Information About Starting ASA 5510 and Higher Interface Configuration
Note If you installed an IPS module, then the IPS module management interface(s) provides management
access for the IPS module only. For the ASA 5512-X through ASA 5555-X, the IPS SSP software
module uses the same physical Management 0/0 interface as the ASA.
Using Any Interface for Management-Only Traffic
You can use any interface as a dedicated management-only interface by configuring it for management
traffic, including an EtherChannel interface.
Management Interface for Transparent Mode
In transparent firewall mode, in addition to the maximum allowed through-traffic interfaces, you can also
use the Management interface (either the physical interface, a subinterface (if supported for your model),
or an EtherChannel interface comprised of Management interfaces (if you have multiple Management
interfaces)) as a separate management interface. You cannot use any other interface types as management
interfaces.
If your model does not include a Management interface, you must manage the transparent firewall from
a data interface.
In multiple context mode, you cannot share any interfaces, including the Management interface, across
contexts. To provide management per context, you can create subinterfaces of the Management interface
and allocate a Management subinterface to each context. Note that the ASA 5512-X through ASA
5555-X do not allow subinterfaces on the Management interface, so for per-context management, you
must connect to a data interface.
ASA 5520
Yes Yes No No No
ASA 5540
Yes Yes No No No
ASA 5550
Yes Yes No No No
ASA 5580
Yes Yes Yes No No
ASA 5512-X
No Yes No No No
ASA 5515-X
No Yes No No No
ASA 5525-X
No Yes No No No
ASA 5545-X
No Yes No No No
ASA 5555-X
No Yes No No No
ASA 5585-X
Yes Yes Yes Yes
3
Yes
3
1. By default, the Management 0/0 interface is configured for management-only traffic. For supported models in routed mode, you can remove the limitation
and pass through traffic. If your model includes additional Management interfaces, you can use them for through traffic as well. The Management
interfaces might not be optimized for through-traffic, however.
2. The Management 0/0 interface is configured for ASDM access as part of the default factory configuration. See the “Factory Default Configurations”
section on page 2-10 for more information.
3. If you installed an SSP in slot 1, then Management 1/0 and 1/1 provide management access to the SSP in slot 1 only.
Table 12-1 Management Interfaces Per Model
Model
Configurable for
Through Traffic
1
Management 0/0
2
Management 0/1 Management 1/0 Management 1/1