Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
600
Views
0
Helpful
3
Replies

ASA 7.2 Adding a context in a multiple context environment

Go to solution
xavier.delcour
Level 1
Level 1

‎07-02-2012 03:55 AM - edited ‎03-11-2019 04:25 PM

Hi,

On my production environment I have a firewall with already two contexts defined (15% of CPU used) and I want to add a new one.

This context is going to use the same interfaces as the others contexts. When I will enable the context, can I have some sort of repercussion on these two context ?

Thanks for your help.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni

‎07-02-2012 04:42 AM

Hi,

Unless you have checked already, make sure that you have a license that enables you to use more than 2 Security Contexts on the ASA

Use the "show version" command on the system context configuration mode

The command "show context count" in system context configuration mode also shows the used context amount.

To make a new context, using the command "context " should be enough to create the context on the ASA. Use this command in system context configuration mode.

After this you should allocate the interfaces to the context with the command "allocate-interface "

Why would you have all the same interfaces on the new context compared to the old ones?

Or do you mean you have trunk interfaces on the ASA and you have subinterfaces attached to the contexts?

- Jouni

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni

‎07-02-2012 04:42 AM

Hi,

Unless you have checked already, make sure that you have a license that enables you to use more than 2 Security Contexts on the ASA

Use the "show version" command on the system context configuration mode

The command "show context count" in system context configuration mode also shows the used context amount.

To make a new context, using the command "context " should be enough to create the context on the ASA. Use this command in system context configuration mode.

After this you should allocate the interfaces to the context with the command "allocate-interface "

Why would you have all the same interfaces on the new context compared to the old ones?

Or do you mean you have trunk interfaces on the ASA and you have subinterfaces attached to the contexts?

- Jouni

0 Helpful

Go to solution
xavier.delcour
Level 1
Level 1
In response to Jouni Forss

‎07-02-2012 04:53 AM

Thanks a lot you for your help.

With the interfaces I meant a trunk with some subinterfaces and 4 subinterfaces are going to be shared between two contexts.

I just verified the licence problem and I have a 2 context licences so the solution I thought I will not be able to implement it.

I will continue to investigate how I could fix this issue without creating any outage.

Regards.

0 Helpful

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni
In response to xavier.delcour

‎07-02-2012 05:02 AM

Hi,

I think the next available license in your case would be for 5 Security Context license.

Though actually you have at your disposal 3 Security Contexts at the moment.

Theres a context named "admin" on your device and it DOESNT get counted towards the limit of 2.

Naturally it is not intended to be used as anything else than providing management access to the device.

I have never used it for anything else than bringing the management connection to the ASA itself but  I guess it would be possible to use as 3rd context but as I said its probably not the best solution.

- Jouni

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card