Cisco Catalyst 6500 Series Configuration Manual page 95
Catalyst 6500 series switch and
cisco 7600 series router firewall services
Hide thumbs
Also See for Catalyst 6500 Series:
- Software configuration manual (570 pages) ,
- Configuration note (212 pages) ,
- Installation manual (194 pages)
Table of Contents
Advertisement
Chapter 5
Managing Security Contexts
Enter the allocate-interface command(s) before you enter the config-url command. The FWSM must
Note
assign VLAN interfaces to the context before it loads the context configuration; the context
configuration might include commands that refer to interfaces (nameif, nat, global...). If you enter the
config-url command first, the FWSM loads the context configuration immediately. If the context
contains any commands that refer to interfaces, those commands fail.
See the following URL syntax:
•
disk://[path/]filename
•
ftp://[user[:password]@]server/[path/]filename
tftp://server/[path/]filename
•
http://server/[path/]filename
•
https://server/[path/]filename
•
The FWSM can download a context from a TFTP or FTP server, HTTP or HTTPS server, or from the
local disk (called disk). The disk is a 64-MB partition of Flash that uses a navigable file system. The
disk partition is used only for context storage. The system configuration and the software image reside
in the Flash partition (called flash).
The server must be accessible from the admin context. The admin context file must be stored on the disk.
The filename does not require a file extension, although we recommend using ".cfg".
If the system cannot retrieve the context configuration file because the server is unavailable, or the file
does not yet exist, the system creates a blank context that is ready for you to configure with the
command-line interface.
For example, enter the following command:
FWSM(config-context)# config-url ftp://joe:passw0rd1@10.1.1.1/configlets/test.cfg
(Optional) To assign the context to a resource class, enter the following command:
Step 5
FWSM(config-context)# member class_name
If you do not specify a class, the context belongs to the default class. You can only assign a context to
one resource class.
For example, to assign the context to the gold class, enter the following command:
FWSM(config-context)# member gold
See the following sample context configurations:
FWSM(config)# context administrator
FWSM(config-context)# allocate-interface vlan10
FWSM(config-context)# allocate-interface vlan11
FWSM(config-context)# config-url disk://admin.cfg
FWSM(config-context)# context test
FWSM(config-context)# allocate-interface vlan100 int1
FWSM(config-context)# allocate-interface vlan200 int2
FWSM(config-context)# allocate-interface vlan300-vlan305 int3-int8
FWSM(config-context)# config-url ftp://joe:passw0rd@10.1.1.1/configlets/test.cfg
FWSM(config-context)# member gold
FWSM(config-context)# context sample
FWSM(config-context)# allocate-interface vlan101 int1
FWSM(config-context)# allocate-interface vlan201 int2
FWSM(config-context)# allocate-interface vlan306-vlan311 int3-int8
OL-6392-01
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide
Configuring a Security Context
5-21
Advertisement
Table of Contents
Troubleshooting
Related Manuals for Cisco Catalyst 6500 Series
Related Products for Cisco Catalyst 6500 Series
- Cisco 6503 - Catalyst Firewall Security Sys
- Cisco 6503-E - Catalyst Chassis With Supervisor Engine 32 Switch
- Cisco 6504-E - Catalyst Chassis With Supervisor Engine 32 Switch
- Cisco 6506 - Catalyst Chassis Switch
- Cisco 6513 - Catalyst Switch
- Cisco Catalyst 6509
- Cisco Catalyst 6513-E
- Cisco Catalyst 6500-E Series