Cisco PIX 500 Series Configuration Manual page 108
Security appliance command line
Hide thumbs
Also See for PIX 500 Series:
- Administration manual (653 pages) ,
- Quick start manual (72 pages) ,
- User manual (60 pages)
Table of Contents
Advertisement
Configuring a Security Context
If you change to the context and configure the context at the CLI, you cannot save changes back to
HTTP or HTTPS servers using the write memory command. You can, however, use the copy tftp
command to copy the running configuration to a TFTP server.
tftp://[user[:password]@]server[:port]/[path/]filename[;int=interface_name]
•
The server must be accessible from the admin context. Specify the interface name if you want to
override the route to the server address. The filename does not require a file extension, although we
recommend using ".cfg". If the configuration file is not available, you see the following message:
WARNING: Could not fetch the URL tftp:// url
INFO: Creating context with default config
You can then change to the context, configure it at the CLI, and enter the write memory command
to write the file to the TFTP server.
To change the URL, reenter the config-url command with a new URL.
See the
changing the URL.
For example, enter the following command:
hostname(config-ctx)# config-url ftp://joe:passw0rd1@10.1.1.1/configlets/test.cfg
(Optional) To assign the context to a resource class, enter the following command:
Step 5
hostname(config-ctx)# member class_name
If you do not specify a class, the context belongs to the default class. You can only assign a context to
one resource class.
For example, to assign the context to the gold class, enter the following command:
hostname(config-ctx)# member gold
Step 6
(Optional) To assign an IPS virtual sensor to this context if you have the AIP SSM installed, use the
allocate-ips command. See the
for detailed information about virtual sensors.
The following example sets the admin context to be "administrator," creates a context called
"administrator" on the internal Flash memory, and then adds two contexts from an FTP server:
hostname(config)# admin-context administrator
hostname(config)# context administrator
hostname(config-ctx)# allocate-interface gigabitethernet0/0.1
hostname(config-ctx)# allocate-interface gigabitethernet0/1.1
hostname(config-ctx)# config-url flash:/admin.cfg
hostname(config-ctx)# context test
hostname(config-ctx)# allocate-interface gigabitethernet0/0.100 int1
hostname(config-ctx)# allocate-interface gigabitethernet0/0.102 int2
hostname(config-ctx)# allocate-interface gigabitethernet0/0.110-gigabitethernet0/0.115
int3-int8
hostname(config-ctx)# config-url ftp://user1:passw0rd@10.1.1.1/configlets/test.cfg
hostname(config-ctx)# member gold
hostname(config-ctx)# context sample
hostname(config-ctx)# allocate-interface gigabitethernet0/1.200 int1
hostname(config-ctx)# allocate-interface gigabitethernet0/1.212 int2
Cisco Security Appliance Command Line Configuration Guide
6-10
"Changing the Security Context URL" section on page 6-13
"Assigning Virtual Sensors to Security Contexts" section on page 22-6
Chapter 6
Adding and Managing Security Contexts
for more information about
OL-12172-03
Advertisement
Table of Contents
Troubleshooting
