https://community.cisco.com/t5/network-security/5510-with-csc-module-multiple-context-confusion/m-p/931215#M917772 <P>one of my client has following requirement for ASA 5510 with CSC.</P><P>They want to publish their emails (DMZ) and want to use asa just like standard firewall setup. </P><P>On same ASA they want to connect 15 guest user on there n/w with complete different firewall and content filtering policies. My question:</P><P>1- If i use security context. Can i still use VPN features and content filtering </P><P>2- Can i define complete different zone for these guest users and define different content filtering policies.</P><P></P><P>If both are possible which one is more appropriate.</P><P></P><P></P> Wed, 13 Mar 2019 00:57:39 GMT omair.siddiqui 2019-03-13T00:57:39Z https://community.cisco.com/t5/network-security/5510-with-csc-module-multiple-context-confusion/m-p/931215#M917772 <P>one of my client has following requirement for ASA 5510 with CSC.</P><P>They want to publish their emails (DMZ) and want to use asa just like standard firewall setup. </P><P>On same ASA they want to connect 15 guest user on there n/w with complete different firewall and content filtering policies. My question:</P><P>1- If i use security context. Can i still use VPN features and content filtering </P><P>2- Can i define complete different zone for these guest users and define different content filtering policies.</P><P></P><P>If both are possible which one is more appropriate.</P><P></P><P></P> Wed, 13 Mar 2019 00:57:39 GMT https://community.cisco.com/t5/network-security/5510-with-csc-module-multiple-context-confusion/m-p/931215#M917772 omair.siddiqui 2019-03-13T00:57:39Z https://community.cisco.com/t5/network-security/5510-with-csc-module-multiple-context-confusion/m-p/931216#M917776 <HTML><HEAD></HEAD><BODY><P>Hi Omair,</P><P>VPN is not supported in context mode.</P><P></P></BODY></HTML> Wed, 25 Jun 2008 06:45:01 GMT https://community.cisco.com/t5/network-security/5510-with-csc-module-multiple-context-confusion/m-p/931216#M917776 dhananjoy chowdhury 2008-06-25T06:45:01Z https://community.cisco.com/t5/network-security/5510-with-csc-module-multiple-context-confusion/m-p/931217#M917781 <HTML><HEAD></HEAD><BODY><P>Hmm but i need IPSEC VPN and probably 4-10 SSL VPN beside IPSEC.</P><P></P><P>Means i cannot use security context for this problem...</P><P></P><P>what if define 4 zones inside--outside--DMZ--GUEST and</P><P></P><P>Assign different firewall and content filtering properties for inside and GUEST zone. </P><P></P><P>In guest zone i will have different subnet and only guest machines will be connected there..</P><P></P><P>Kindly reply</P><P></P><P></P></BODY></HTML> Wed, 25 Jun 2008 10:21:32 GMT https://community.cisco.com/t5/network-security/5510-with-csc-module-multiple-context-confusion/m-p/931217#M917781 omair.siddiqui 2008-06-25T10:21:32Z https://community.cisco.com/t5/network-security/5510-with-csc-module-multiple-context-confusion/m-p/931218#M917788 <HTML><HEAD></HEAD><BODY><P>Kindly help to sort it out!!!!</P><P></P><P>Become critical for me</P></BODY></HTML> Thu, 26 Jun 2008 06:03:19 GMT https://community.cisco.com/t5/network-security/5510-with-csc-module-multiple-context-confusion/m-p/931218#M917788 omair.siddiqui 2008-06-26T06:03:19Z https://community.cisco.com/t5/network-security/5510-with-csc-module-multiple-context-confusion/m-p/931219#M917793 <HTML><HEAD></HEAD><BODY><P>Hi Omar,</P><P>Yes creating a Guest zone is what people do generally.</P><P></P><P>Then you have to configure access-lists for the Guest zone IP subnet permitting only the required services like http, mail etc.. Rest all traffic from and to the guest zone should be denied.</P><P></P><P>I believe this should suffice the requirement of your management.</P><P>Also make sure the guest zone is on an isolated vlan on the switch.</P><P></P><P></P></BODY></HTML> Thu, 26 Jun 2008 06:40:35 GMT https://community.cisco.com/t5/network-security/5510-with-csc-module-multiple-context-confusion/m-p/931219#M917793 dhananjoy chowdhury 2008-06-26T06:40:35Z