Cisco Bug: CSCvu71033 - EHN: Use "no management-only" command on management interface for ISA3000
Jul 20, 2020
- Cisco ASA 5500-X Series Firewalls
Known Affected Releases
Symptom: ISA 300 Running ASA on 9,13 version does not support to use the command "no management-only" on management interface as per documentation said "For all models except the ASA 5585-X, you cannot disable management-only mode for the Management interface. By default, this command is always enabled." https://www.cisco.com/c/en/us/td/docs/security/asa/asa-command-reference/I-R/cmdref2/m1.html or well use the management interface to create HA, documentation indicates that only 5506H-X devices can use it: 5506H-X—You can use the Management 1/1 interface as the failover link. If you configure it for failover, you must reload the device for the change to take effect. In this case, you cannot also use the ASA Firepower module, because it requires the Management interface for management purposes. https://www.cisco.com/c/en/us/td/docs/security/asa/asa913/configuration/general/asa-913-general-config/ha-failover.html#ID-2107-0000004d Conditions: The customer doesn't have available interfaces to configure HA, is trying to use management interface fro failover.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases