Why a separate management port if I can also logon from the trusted port? Is there a setting so I can prevent anyone from logging in via the trusted port so that they must use the Management port? Does the MP offer some special settings not available on the other ports?
Solved! Go to Solution.
Dataplane can be down in some situations that is the reason there is a segregation between dataplane and management plane so even during high traffic you can easily access the device through management plane.
You can disable services under management-profile applied to that interface to restrict access ( or not use a management-profile at all)
add to it ++
Once you will configure HA ( High Availability) active/passive setup, then data-plane interfaces will be not accessible. In that situation, you can only access the management port to manage the Passive FW and also to download/install dynamic-updates.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!