07-02-2012 03:55 AM - edited 03-11-2019 04:25 PM
Hi,
On my production environment I have a firewall with already two contexts defined (15% of CPU used) and I want to add a new one.
This context is going to use the same interfaces as the others contexts. When I will enable the context, can I have some sort of repercussion on these two context ?
Thanks for your help.
Solved! Go to Solution.
07-02-2012 04:42 AM
Hi,
Unless you have checked already, make sure that you have a license that enables you to use more than 2 Security Contexts on the ASA
Use the "show version" command on the system context configuration mode
The command "show context count" in system context configuration mode also shows the used context amount.
To make a new context, using the command "context
After this you should allocate the interfaces to the context with the command "allocate-interface
Why would you have all the same interfaces on the new context compared to the old ones?
Or do you mean you have trunk interfaces on the ASA and you have subinterfaces attached to the contexts?
- Jouni
07-02-2012 04:42 AM
Hi,
Unless you have checked already, make sure that you have a license that enables you to use more than 2 Security Contexts on the ASA
Use the "show version" command on the system context configuration mode
The command "show context count" in system context configuration mode also shows the used context amount.
To make a new context, using the command "context
After this you should allocate the interfaces to the context with the command "allocate-interface
Why would you have all the same interfaces on the new context compared to the old ones?
Or do you mean you have trunk interfaces on the ASA and you have subinterfaces attached to the contexts?
- Jouni
07-02-2012 04:53 AM
Thanks a lot you for your help.
With the interfaces I meant a trunk with some subinterfaces and 4 subinterfaces are going to be shared between two contexts.
I just verified the licence problem and I have a 2 context licences so the solution I thought I will not be able to implement it.
I will continue to investigate how I could fix this issue without creating any outage.
Regards.
07-02-2012 05:02 AM
Hi,
I think the next available license in your case would be for 5 Security Context license.
Though actually you have at your disposal 3 Security Contexts at the moment.
Theres a context named "admin" on your device and it DOESNT get counted towards the limit of 2.
Naturally it is not intended to be used as anything else than providing management access to the device.
I have never used it for anything else than bringing the management connection to the ASA itself but I guess it would be possible to use as 3rd context but as I said its probably not the best solution.
- Jouni
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide