Filter
Top Products
CHAPTER
11-1
Cisco ASA 5500 Series Configuration Guide using ASDM
11
Configuring Multiple Context Mode
This chapter describes how to configure multiple security contexts on the ASA and includes the
following sections:
• Information About Security Contexts, page 11-1
• Licensing Requirements for Multiple Context Mode, page 11-12
• Guidelines and Limitations, page 11-13
• Default Settings, page 11-14
• Configuring Multiple Contexts, page 11-14
• Monitoring Security Contexts, page 11-21
• Feature History for Multiple Context Mode, page 11-24
Information About Security Contexts
You can partition a single ASA into multiple virtual devices, known as security contexts. Each context
is an independent device, with its own security policy, interfaces, and administrators. Multiple contexts
are similar to having multiple standalone devices. Many features are supported in multiple context mode,
including routing tables, firewall features, IPS, and management. Some features are not supported,
including VPN and dynamic routing protocols.
Note When the ASA is configured for security contexts (for example, for Active/Active Stateful Failover),
IPsec or SSL VPN cannot be enabled. Therefore, these features are unavailable.
This section provides an overview of security contexts and includes the following topics:
• Common Uses for Security Contexts, page 11-2
• Context Configuration Files, page 11-2
• How the ASA Classifies Packets, page 11-3
• Cascading Security Contexts, page 11-6
• Management Access to Security Contexts, page 11-7
• Information About Resource Management, page 11-8
• Information About MAC Addresses, page 11-11