Cisco Cisco Catalyst 6500 Series Firewall Services Module Technical Manual
FWSM: Multiple Context Configuration Example
Document ID: 107524
Contents
Introduction
Prerequisites
Requirements
Components Used
Conventions
Background Information
Context Configuration Files
Unsupported Features
Management Access to Security Contexts
Configure
Network Diagram
Enabling or Disabling Multiple Context Mode
Configure a Security Context
FWSM: System Execution Space Configuration
Change Between Contexts and the System Execution Space
FWSM − ContextA Configuration
FWSM − ContextB Configuration
Save Configuration Changes in Multiple Context Mode
Verify
Troubleshoot
Restore Single Context Mode
Reload a Security Context
Rename the Context
Delete Context
Related Information
Prerequisites
Requirements
Components Used
Conventions
Background Information
Context Configuration Files
Unsupported Features
Management Access to Security Contexts
Configure
Network Diagram
Enabling or Disabling Multiple Context Mode
Configure a Security Context
FWSM: System Execution Space Configuration
Change Between Contexts and the System Execution Space
FWSM − ContextA Configuration
FWSM − ContextB Configuration
Save Configuration Changes in Multiple Context Mode
Verify
Troubleshoot
Restore Single Context Mode
Reload a Security Context
Rename the Context
Delete Context
Related Information
Introduction
This document describes the steps used to configure multiple context in Firewall Service Module (FWSM).
You can partition a single FWSM into multiple virtual devices, known as security contexts. Each context has
its own security policy, interfaces, and administrators. Multiple contexts are similar to multiple standalone
devices. Many features are supported in multiple context mode, which includes routing tables, firewall
features, and management. Some features are not supported, which includes dynamic routing protocols.
its own security policy, interfaces, and administrators. Multiple contexts are similar to multiple standalone
devices. Many features are supported in multiple context mode, which includes routing tables, firewall
features, and management. Some features are not supported, which includes dynamic routing protocols.
You can use multiple security contexts in these situations:
You are a service provider and want to sell security services to many customers. When you enable
multiple security contexts on the FWSM, you can implement a cost−effective, space−saving solution
that keeps all customer traffic separate and secure, and also eases configuration.
multiple security contexts on the FWSM, you can implement a cost−effective, space−saving solution
that keeps all customer traffic separate and secure, and also eases configuration.
•
You are a large enterprise or a college campus and want to keep departments completely separate.
•
You are an enterprise that wants to provide distinct security policies to different departments.
•
You have any network that requires more than one firewall.
•
Refer to PIX/ASA 7.x and Above: Multiple Context Configuration Example for more information on how to
describe the steps used to configure multiple context in security appliances.
describe the steps used to configure multiple context in security appliances.