Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
898
Views
0
Helpful
3
Replies

Managing an FWSM context via the Admin Context?

anthonykahwati
Level 1
Level 1

‎06-20-2011 08:55 AM - edited ‎03-11-2019 01:47 PM

Hello

I have a multi context FWSM with several routed and transparent firewalls. Do you know if it is possible to manage a firewall using the Admin context rather than routing to it directly? At the moment we have transparent firewalls with an IP'd BVI that routes back to the core for management, or, we use the inside interface of the routed contexts to get back to the core for management.

We have a new routed context going in, but for this one we dont want it to have any route to the core. Is there a way that anyone knows of to manage this using the Admin context, which does have a route back to the core.

Thanks in advance.


Anthony

Labels:
0 Helpful
3 Replies 3

mirober2
Cisco Employee
Cisco Employee

‎06-20-2011 10:22 AM

Hi Anthony,

If you can log into the Admin context, you can change to another context on the FWSM. The command do that is:

changeto context

That should allow you to login to the Admin context remotely and then move into the other contexts you need to manage.

Hope that helps.

-Mike

0 Helpful

anthonykahwati
Level 1
Level 1
In response to mirober2

‎06-21-2011 02:25 AM

Hi Mike

Thanks for the response. I think that I was a little ambiguous in what I wrote though. By management I am looking at things such as my Cisco Security Manager, Syslog Server, SNMP server, etc, etc, so what I am trying to do is to be able to allow these management tools to run the context via the Admin context rather than direct to each context.

Thanks


Anthony

0 Helpful

mirober2
Cisco Employee
Cisco Employee
In response to anthonykahwati

‎06-21-2011 05:19 AM

Hi Anthony,

Unfortunately, what you're trying to do won't work because of the the way contexts are designed. The goal of multiple contexts is to have multiple separated logical firewalls. The admin context can only make config changes to the admin context directly (without changing into another context).

As far as CSM goes, you can add the admin context to CSM and it will automatically bring in the other contexts on the firewall, but you still need to change into them to make policy changes. If you want to apply a policy to multiple contexts (i.e. a syslogging policy), you can use CSM's shared policy feature to do that.

Hope that helps.

-Mike

0 Helpful
Review Cisco Networking for a $25 gift card
Top