Context Administrator Access; Enabling Or Disabling Multiple Context Mode; Backing Up The Single Mode Configuration; Enabling Multiple Context Mode - Cisco PIX 500 Series Configuration Manual
Security appliance command line
Hide thumbs
Also See for PIX 500 Series:
- Administration manual (653 pages) ,
- Quick start manual (72 pages) ,
- User manual (60 pages)
Table of Contents
Advertisement
Enabling or Disabling Multiple Context Mode
username "admin." The admin context does not have any command authorization configuration, but all
other contexts include command authorization. For convenience, each context configuration includes a
user "admin" with maximum privileges. When you change from the admin context to context A, your
username is altered, so you must log in again as "admin" by entering the login command. When you
change to context B, you must again enter the login command to log in as "admin."
The system execution space does not support any AAA commands, but you can configure its own enable
password, as well as usernames in the local database to provide individual logins.
Context Administrator Access
You can access a context using Telnet, SSH, or ASDM. If you log in to a non-admin context, you can
only access the configuration for that context. You can provide individual logins to the context. See See
Chapter 40, "Managing System Access,"
management authentication.
Enabling or Disabling Multiple Context Mode
Your security appliance might already be configured for multiple security contexts depending on how
you ordered it from Cisco. If you are upgrading, however, you might need to convert from single mode
to multiple mode by following the procedures in this section. ASDM does not support changing modes,
so you need to change modes using the CLI.
This section includes the following topics:
•
•
•
Backing Up the Single Mode Configuration
When you convert from single mode to multiple mode, the security appliance converts the running
configuration into two files. The original startup configuration is not saved, so if it differs from the
running configuration, you should back it up before proceeding.
Enabling Multiple Context Mode
The context mode (single or multiple) is not stored in the configuration file, even though it does endure
reboots. If you need to copy your configuration to another device, set the mode on the new device to
match using the mode command.
When you convert from single mode to multiple mode, the security appliance converts the running
configuration into two files: a new startup configuration that comprises the system configuration, and
admin.cfg that comprises the admin context (in the root directory of the internal Flash memory). The
original running configuration is saved as old_running.cfg (in the root directory of the internal Flash
memory). The original startup configuration is not saved. The security appliance automatically adds an
entry for the admin context to the system configuration with the name "admin."
To enable multiple mode, enter the following command:
hostname(config)# mode multiple
Cisco Security Appliance Command Line Configuration Guide
3-10
Backing Up the Single Mode Configuration, page 3-10
Enabling Multiple Context Mode, page 3-10
Restoring Single Context Mode, page 3-11
Chapter 3
to enable Telnet, SSH, and SDM access and to configure
Enabling Multiple Context Mode
OL-12172-03
Advertisement
Table of Contents
Troubleshooting
