5-19
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide
OL-6392-01
Chapter 5 Managing Security Contexts
Configuring a Security Context
This example shows how to verify the current mapping of contexts to ACL partitions.
FWSM(config)# show resource acl-partition
Total number of configured partitions = 2
Partition #0
Mode :exclusive
List of Contexts :bandn, borders
Number of contexts :2(RefCount:2)
Number of rules :0(Max:53087)
Partition #1
Mode :non-exclusive
List of Contexts :admin, momandpopA, momandpopB, momandpopC
momandpopD
Number of contexts :5(RefCount:5)
Number of rules :6(Max:53087)
Configuring a Security Context
The security context definition in the system configuration identifies the context name, configuration
file URL, VLANs that a context can use, and the resource class to which a context belongs. After you
add the context, you can add more VLAN interfaces as required by following this procedure again and
specifying additional interfaces. You do not need to reenter other context commands again; the
commands you already set remain in place unless you remove them with the no form of the command.
You can change the value of single-instance commands by reentering the command with a new value.
For commands that you can enter multiple times, such as the allocate-interface command, you must
remove the command with the no form and then re-add the altered version.
Note Before you configure the first context, configure the ACL partition. See the “ACL Memory Partitions
Overview” section on page 5-17.
Note If you do not have an admin context (for example, if you clear the configuration), then the first context
you add must be the admin context. Before continuing with this procedure to add a context, enter the
following command:
FWSM(config)# admin-context
name
You can now enter the context name command to match the name you specified for the admin context.
To add or change a context in the system configuration, follow these steps:
Step 1 To add or modify a context, enter the following command in the system execution space:
FWSM(config)# context
name
The name is a string up to 32 characters long. This name is case sensitive, so you can have two contexts
named “customerA” and “CustomerA,” for example.
We recommend you do not use the names “count” or “detail.” These names are options in the
show context command, so you cannot use the show context command to show information about a
context called “count” or “detail.” “system” is a reserved name, and cannot be used.
To Next Page
Loading...
Need help?
General