Using the Firewall Threat Defense data interface for management
Using the Firewall Threat Defense data interface for management is a configuration option that
-
allows communication with the through a regular data interface instead of the dedicated Management interface
-
enables remote management from the outside interface when a separate management network is not available, and
Manager access requirements
Manager access from a data interface has the requirements listed in this table.
-
You can only enable manager access on one physical, data interface. You cannot use a subinterface or EtherChannel, nor can you create a subinterface on the manager access interface.
-
This interface cannot be management-only.
-
Routed firewall mode only, using a routed interface.
-
PPPoE is not supported. If your ISP requires PPPoE, you will have to put a router with PPPoE support between the Firewall Threat Defense and the WAN modem.
-
The interface must be in the global VRF only.
-
SSH is not enabled by default for data interfaces, so you will have to enable SSH later using the . Because the Management interface gateway will be changed to be the data interfaces, you also cannot SSH to the Management interface from a remote network unless you add a static route for the Management interface using the configure network static-routes command.
-
Clustering is not supported. You must use the Management interface in this case.