CHAPTER
6-1
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
6
Configuring Multiple Context Mode
This chapter describes how to configure multiple security contexts on the adaptive security appliance
and includes the following sections:
• Information About Security Contexts, page 6-1
• Licensing Requirements for Multiple Context Mode, page 6-12
• Guidelines and Limitations, page 6-12
• Default Settings, page 6-13
• Configuring Multiple Contexts, page 6-13
• Monitoring Security Contexts, page 6-20
• Feature History for Multiple Context Mode, page 6-23
Information About Security Contexts
You can partition a single adaptive security appliance into multiple virtual devices, known as security
contexts. Each context is an independent device, with its own security policy, interfaces, and
administrators. Multiple contexts are similar to having multiple standalone devices. Many features are
supported in multiple context mode, including routing tables, firewall features, IPS, and management.
Some features are not supported, including VPN and dynamic routing protocols.
Note When the adaptive security appliance is configured for security contexts (for example, for Active/Active
Stateful Failover), IPsec or SSL VPN cannot be enabled. Therefore, these features are unavailable.
This section provides an overview of security contexts and includes the following topics:
• Common Uses for Security Contexts, page 6-2
• Context Configuration Files, page 6-2
• How the Security Appliance Classifies Packets, page 6-3
• Cascading Security Contexts, page 6-6
• Management Access to Security Contexts, page 6-7
• Information About Resource Management, page 6-8
• Information About MAC Addresses, page 6-11
To Next Page
Loading...
Need help?
General
