cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
580
Views
0
Helpful
3
Replies

Cisco ASA 5585-x Security Context

geoff
Level 1
Level 1

Hi, 

 

Would like to know if it is possible to have 2 contexts, one as Admin and support BGP implementation and the other context for firewall centric and then forward traffic from Admin context to the other context?

 

If using security context, can one have 2 different ISP's, one for each context and therefore have 2 default gateways, one for each context?

 

Many thanks in advance.

 

Cheers

Geoff

 

 

1 Accepted Solution

Accepted Solutions

Francesco Molino
VIP Alumni
VIP Alumni
Hi

The admin context is like any other context except that someone accessing the admin context has admin rights on all context. There's no restriction per say on this admin context.
However, to run bgp in Multi-context, i believe you need 9.2.1 if I recall correctly (a quick search on Google can confirm it i believe).
To route between context, you can use shared interface for straight peering or go on the 2nd device doing routing between the 2 subnets (1 per interface context).

Each context can have its own default gateway which means also they can have different isp. You can see them as 2 different firewalls and this answers your last question with a yes.


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

3 Replies 3

Francesco Molino
VIP Alumni
VIP Alumni
Hi

The admin context is like any other context except that someone accessing the admin context has admin rights on all context. There's no restriction per say on this admin context.
However, to run bgp in Multi-context, i believe you need 9.2.1 if I recall correctly (a quick search on Google can confirm it i believe).
To route between context, you can use shared interface for straight peering or go on the 2nd device doing routing between the 2 subnets (1 per interface context).

Each context can have its own default gateway which means also they can have different isp. You can see them as 2 different firewalls and this answers your last question with a yes.


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Hi Francesco,

 

Many thanks for confirming my thoughts and solution.

 

Cheers

Geoff

 

You’re welcome

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: