Configuring A Security Context - Cisco Catalyst 6500 Series Configuration Manual
Catalyst 6500 series switch and
cisco 7600 series router firewall services
Hide thumbs
Also See for Catalyst 6500 Series:
- Software configuration manual (570 pages) ,
- Configuration note (212 pages) ,
- Installation manual (194 pages)
Table of Contents
Advertisement
Chapter 5
Managing Security Contexts
This example shows how to verify the current mapping of contexts to ACL partitions.
FWSM(config)# show resource acl-partition
Total number of configured partitions = 2
Partition #0
Partition #1
Configuring a Security Context
The security context definition in the system configuration identifies the context name, configuration
file URL, VLANs that a context can use, and the resource class to which a context belongs. After you
add the context, you can add more VLAN interfaces as required by following this procedure again and
specifying additional interfaces. You do not need to reenter other context commands again; the
commands you already set remain in place unless you remove them with the no form of the command.
You can change the value of single-instance commands by reentering the command with a new value.
For commands that you can enter multiple times, such as the allocate-interface command, you must
remove the command with the no form and then re-add the altered version.
Before you configure the first context, configure the ACL partition. See the
Note
Overview" section on page
Note
If you do not have an admin context (for example, if you clear the configuration), then the first context
you add must be the admin context. Before continuing with this procedure to add a context, enter the
following command:
FWSM(config)# admin-context name
You can now enter the context name command to match the name you specified for the admin context.
To add or change a context in the system configuration, follow these steps:
To add or modify a context, enter the following command in the system execution space:
Step 1
FWSM(config)# context name
The name is a string up to 32 characters long. This name is case sensitive, so you can have two contexts
named "customerA" and "CustomerA," for example.
We recommend you do not use the names "count" or "detail." These names are options in the
show context command, so you cannot use the show context command to show information about a
context called "count" or "detail." "system" is a reserved name, and cannot be used.
OL-6392-01
Mode
List of Contexts
Number of contexts
:2(RefCount:2)
Number of rules
Mode
List of Contexts
Number of contexts
:5(RefCount:5)
Number of rules
5-17.
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide
:exclusive
:bandn, borders
:0(Max:53087)
:non-exclusive
:admin, momandpopA, momandpopB, momandpopC
momandpopD
:6(Max:53087)
Configuring a Security Context
"ACL Memory Partitions
5-19
Advertisement
Table of Contents
Troubleshooting
