Hi,

You should be able to view the "show context count" command both in the System Context and Security Context configuration mode.

The command "show mode" should tell if the firewall is really in Multiple Context mode.

What ASA do you have and what software version does it have?

You should also be able to list all the context in the System Context configuration with the command "show run context"

- Jouni

According to the ASA Command Reference the only configuration mode where this command isnt usable is when the ASA is actually in Single Context Mode. In other words it isnt running Multiple Context Mode at the moment.

But the above mentioned command "show mode" should tell which mode the firewall is running on.

Here is link to the actual description of the "show context" command (ASA 8.4 version document)

http://www.cisco.com/en/US/docs/security/asa/asa84/command/reference/s2.html#wp1438324

- Jouni

Hi,

By default the ASA models have 2 Security Context limit. They can hold 3 Security Context BUT one of them is always "admin" context which is meant for the virtual ASAs management connections.

The above output shown should mean that you have 2 Context configured of which one is "admin" and other is something that you have configured yourself. If I am not mistaken. So even if you had the default Security Context license of 2 you should still have room for one Security Context. This is because the "admin" context isnt counted towards the license limit.

You can confirm the ASAs Security Context license with "show version" command. It should list the maximum amount of Security Context the ASA can support with the current license it has.

Obviously if your ASA is running Single Mode then you can use the "show context count" command.

If the ASA is in Multiple Mode then you should be able to use the command to see how many Security Contexts has been configured.

- Jouni

Were you able to get all the information you need?

I am not quite sure I understood the situation correctly as you are talking about different ASAs and some of them arent even using Multiple Context Mode.

- Jouni

Hi,

So you have the default amount of Security Contexts for your ASA

To my understanding the limit of 2 means this

• You can create 2 of your own Security Contexts on the ASA
• The Security Context "admin" will not be counted towards this limit of 2.
• So you can have "admin" context + 2 additional contexts you create yourself. The "admin" context always exists on every virtual ASA as its meant to provide management connection for the admin to all of the Security Contexts on the ASA

- Jouni

Hi,

On an ASA that is running Multiple Context Mode you should be able to just use the command "show run context" to get a listing of the Security Contexts configured on the said ASA.

You can use the command only in the System Context space

For example

ASA# show run context

If you are currently in some Security Context then you can change to the System Context with "changeto system" command.

For example

ASA/Context1# changeto system

- Jouni

Hi,

Yes, Context named "b" is one of the created contexts. The Context named "admin" is the default context in every virtual ASA used for management purposes. Though I can be used like any other context but is not really recomended usually.

- Jouni