Cisco Cisco Catalyst 6500 Series Firewall Services Module Technical Manual
Unsupported Features
Multiple context mode does not support these features:
Dynamic routing protocols
Security contexts support only static routes. You cannot enable OSPF or RIP in multiple context
mode.
mode.
•
Multicast
•
Management Access to Security Contexts
The FWSM provides system administrator access in multiple context mode as well as access for individual
context administrators. These sections describe logging in as a system administrator or as a a context
administrator:
context administrators. These sections describe logging in as a system administrator or as a a context
administrator:
System Administrator Access
You can access the FWSM as a system administrator in two ways:
Session to the FWSM from the switch.
From the switch, you access the system execution space.
•
Access the admin context using Telnet, SSH, or ASDM.
Refer to Configuring Management Access for more information on how to enable Telnet, SSH, and
SDM access.
SDM access.
•
As the system administrator, you can access all contexts.
When you change to a context from admin or the system, your username changes to the default
enable_15
"
username. If you configured command authorization in that context, you need to either configure
authorization privileges for the
authorization privileges for the
enable_15
user, or you can log in as a different name for which you provide
sufficient privileges in the command authorization configuration for the context. Enter the login command in
order to log in with a username. For example, you log in to the admin context with the username
order to log in with a username. For example, you log in to the admin context with the username
admin
. The
admin context does not have any command authorization configuration, but all other contexts include
command authorization. For convenience, each context configuration includes a user
command authorization. For convenience, each context configuration includes a user
admin
with maximum
privileges. When you change from the admin context to context A, your username is altered, so you must log
in again as
in again as
admin
when you enter the login command. When you change to context B, you must again enter
the login command to log in as
admin
.
The system execution space does not support any AAA commands, but you can configure its own enable
password, as well as usernames in the local database, in order to provide individual logins.
password, as well as usernames in the local database, in order to provide individual logins.
Context Administrator Access
You can access a context with Telnet, SSH, or ASDM. If you log in to a non−admin context, you can only
access the configuration for that context. You can provide individual logins to the context.
access the configuration for that context. You can provide individual logins to the context.
Configure
In this section, you are presented with the information to configure the features described in this document.