1-12
Cisco ASA Series CLI Configuration Guide
 
Chapter 1      Completing Interface Configuration (Transparent Mode)
  Completing Interface Configuration in Transparent Mode
Configuring a Management Interface (ASA 5510 and Higher)
You can configure one management interface separate from the bridge group interfaces in single mode 
or per context. For more information, see the “Management Interface” section on page 1-2.
Restrictions
• See the “Management Interface” section on page 1-2.
• Do not assign this interface to a bridge group; a non-configurable bridge group (ID 101) is 
automatically added to your configuration. This bridge group is not included in the bridge group 
limit.
• If your model does not include a Management interface, you must manage the transparent firewall 
from a data interface; skip this procedure. (For example, on the ASA 5505.)
• In multiple context mode, you cannot share any interfaces, including the Management interface, 
across contexts. To provide management per context, you can create subinterfaces of the 
Management interface and allocate a Management subinterface to each context. Note that the ASA 
5512-X through ASA 5555-X do not allow subinterfaces on the Management interface, so for 
per-context management, you must connect to a data interface.
Prerequisites
• Complete the procedures in Chapter 1, “Starting Interface Configuration (ASA 5510 and Higher).”
• In multiple context mode, you can only configure context interfaces that you already assigned to the 
context in the system configuration according to the “Configuring Multiple Contexts” section on 
page 1-15.
• In multiple context mode, complete this procedure in the context execution space. To change from 
the system to a context configuration, enter the changeto context name command.
Detailed Steps
Command Purpose
Step 1
interface {{port-channel number | 
management slot/port}[.subinterface] | 
mapped_name}
Example:
hostname(config)# interface management 
0/0.1
If you are not already in interface configuration mode, enters 
interface configuration mode for the management interface.
The port-channel number argument is the EtherChannel interface 
ID, such as port-channel 1. The EtherChannel interface must 
have only Management member interfaces.
Redundant interfaces do not support Management slot/port 
interfaces as members. You also cannot set a redundant interface 
comprised of non-Management interfaces as management-only.
In multiple context mode, enter the mapped_name if one was 
assigned using the allocate-interface command.
Step 2
nameif name
Example:
hostname(config-if)# nameif management
Names the interface.
The name is a text string up to 48 characters, and is not 
case-sensitive. You can change the name by reentering this 
command with a new value. Do not enter the no form, because 
that command causes all commands that refer to that name to be 
deleted.