Management port question

L0 Member

Management port question

Why a separate management port if I can also logon from the trusted port? Is there a setting so I can prevent anyone from logging in via the trusted port so that they must use the Management port? Does the MP offer some special settings not available on the other ports?

L5 Sessionator

Re: Management port question

Dataplane can be down in some situations that is the reason there is a segregation between dataplane and management plane so even during high traffic you can easily access the device through management plane.

You can disable services under management-profile applied to that interface to restrict access ( or not use a management-profile at all)

L0 Member

Re: Management port question

Excellent response and explanation.  Thank you

L7 Applicator

Re: Management port question

add to it ++

Once you will configure HA ( High Availability) active/passive setup, then data-plane interfaces will be not accessible. In that situation, you can only access the management port to manage the Passive FW and also to download/install dynamic-updates.


Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!