Cisco Cisco ASA 5555-X Adaptive Security Appliance 安装指南
The Device Package is responsible for allocating and configuring interfaces used in each
service graph in multi-context mode. However, the system administrator is responsible for the
following provisioning of a multi-context ASA before registering it to the APIC:
service graph in multi-context mode. However, the system administrator is responsible for the
following provisioning of a multi-context ASA before registering it to the APIC:
Step 2
Create the required user contexts. (The device package does not create or delete any context.)
Step 3
For each context, make the provisioning similar to that for a single context ASA.
a.
Allocate a management interface to it from the admin context.
Example configuration:
context tenant1
allocate-interface Management0/1
config-url disk0:/tenant1.cfg
b.
In the user context, configure the management interface with nameif as “management,” and
specify a static IP address.
specify a static IP address.
Example configuration:
interface management 0/1
nameif management
ip address 10.1.1.1 255.255.255.0
security-level 100
c.
In the user context, enable HTTPS access to the management interface.
Example configuration:
http server enable
http 0.0.0.0 0.0.0.0 management
d.
Set user credentials and create AAA authentication that allows APIC to have access to the HTTP
console using LOCAL authentication
console using LOCAL authentication
username username password password privilege 15
aaa authentication http console LOCAL
e.
Set up the management route.
f.
Verify that there is crypto key. If it does not exist, generate one using the following commands:
show crypto key mypubkey rsa
crypto key generate rsa