Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
555
Views
0
Helpful
2
Replies

layered virtual firewall

superlubis
Level 1
Level 1

‎09-22-2012 01:18 AM - edited ‎03-11-2019 04:57 PM

Hello,

I know cisco asa can do virtualization with virtual context.

My question is as far as i know if i create perhaps 3 virtual context web, app, and db logicaly it in the same layer, only 1 layer.

Can i create layered virtual context?. So if physically my asa interface only connect to 1 port switch but logically will look like this :

Firewall

|||||

Web context

|||||

App Context

|||||

Db context

Labels:
0 Helpful
2 Replies 2

Luis Silva Benavides
Cisco Employee
Cisco Employee

‎09-27-2012 07:14 AM

Ibrahim,

Yes you can share the same phusical interface with between context. You actually have 2 options:

1. create subinterfaces and assign a different subinterface to each context.

2. Assign the physical interace to the 3 contexts but "mac-address auto" must be enable to avoid packet classyfication issues.

Luis 

Luis Silva
0 Helpful

superlubis
Level 1
Level 1
In response to Luis Silva Benavides

‎10-11-2012 12:56 AM

Yes i already know about virtual context or sub interface. When i do virtual context or sub interface, the topology will be like this :

Firewall

||                ||               ||

Contex1  Contex2  Contex3

Btw:another question can i do vrf lite from core switch to firewall/virtual context?

what i want is, this is not my req just an idea.

Firewall

||

Contex1

||

Contex2

||

Contex3

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card