cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5476
Views
10
Helpful
3
Replies

How to Rename the Existing Security Context in ASA 5585

kamaraj_k
Level 1
Level 1

Hi,

Can someone help me in renaming the existing security contexts in Cisco ASA 5585 (runs with 9.0.1 ) please? The ultimate goal is to have a standard template created for our environment ( Ex. host names, Object, Object-groups, ACL and other lines which are common in all contexts).

Please advise me on this whether we can really achieve this renaming functionality.

Thanks in advance!!

Regards,

Kam

3 Replies 3

Jouni Forss
VIP Alumni
VIP Alumni

Hi,

I am not sure if you are actually asking about 2 different things here.

If you have an existing Security Context configured in the System Context space of the ASA then to change the Security Context name I think you would have to do the following things during maintanance break

  • Create new Security Context with the desired name
  • Allocate the same interfaces to the Security Context than in the original
  • Remove the original Security Context
  • Only now add the existing actual firewall configuration file to the the new Security Context with the "config-url" command so it loads the same original configuration

That to my understanding could be the steps needed for the change of the Security Context name in the System Context space. Naturally it causes outage to the services when you have to remove the Security Context and make it again.

I presume that you should first remove the old Context before adding the configuration to the new Context as otherwise the ASA would probably ignore commands when loading the configuration into the Context as there would be shared interfaces on the ASA with the same IP addresses.

You also talk about having a template for new firewalls. I guess in this case you are better of creating a new blank Context and copy/paste its configuration to some text editor software you use and start building the base Context configurations from that.

When you have a configuration template that applies to all firewalls you could then probably copy this file to the ASA flash and then make a copy of that file with a new file name on the Flash and then assign that file as the configuration source for the new Context.

I don't think you can use the same file for each of your Contexts. You will have to copy the base configuration file to its own file and upload it to the ASA Flash and assign it to the new Context when you create one. Naturally the interfaces IDs will be different in most if not all Contexts so you can't really create a template for those.

- Jouni

johnlloyd_13
Level 9
Level 9

hi kam,

if you're using ASDM, you can easily edit or delete a security context by going to to Configuration > Context Management > Security Contexts, and then click the Edit or Delete button.

This is grayed out and not possible. I sure wish it were possible.

Review Cisco Networking for a $25 gift card