Guest

Preview Tool

Cisco Bug: CSCvu71033 - EHN: Use "no management-only" command on management interface for ISA3000

Last Modified

Jul 20, 2020

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases

9.13(1)

Description (partial)

Symptom:
ISA 300 Running ASA on 9,13 version does not support to use the command "no management-only" on management interface as per documentation said
"For all models except the ASA 5585-X, you cannot disable management-only mode for the Management interface. By default, this command is always enabled."

https://www.cisco.com/c/en/us/td/docs/security/asa/asa-command-reference/I-R/cmdref2/m1.html

or well use the management interface to create HA, documentation indicates that only 5506H-X devices can use it:

5506H-X—You can use the Management 1/1 interface as the failover link. If you configure it for failover, you must reload the device for the change to take effect. In this case, you cannot also use the ASA Firepower module, because it requires the Management interface for management purposes.

https://www.cisco.com/c/en/us/td/docs/security/asa/asa913/configuration/general/asa-913-general-config/ha-failover.html#ID-2107-0000004d

Conditions:
The customer doesn't have available interfaces to configure HA, is trying to use management interface fro failover.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.