ASA Security Contexts Tidbit

In this tidbit I want to explain what Cisco ASA Security Contexts are. Put very plainly & simply, security contexts are a way to divide a single ASA into multiple logical firewalls. It is important to understand that the segregated ASA contexts operate with their own interfaces, rules, administrators, etc.

There are 3 main context types that you need to be aware of:

  1. System Context = default context

  2. Admin Context = used for management on the hardware (ASA)

  3. Normal Context = Active virtual firewall

To break things down a bit further: the system context is what is used to manage/deploy other contexts. It is also where we implement high availability & physical port assignments. The admin context is the first context that actually counts toward license consumption & must be deployed prior to deploying other normal contexts. Administrators who have access to it have access to other contexts too. Lastly, the normal context is just the type name that defines a virtual firewall that will get used to manage traffic, etc.

Oh, and an important thing to note is that by default the ASA supports two contexts, so if you want more you need a license :)

When it comes to having multiple contexts, note that there is only one system & one admin context. You can have multiple "normal" contexts. When deploying security contexts there are 3 main components required for deployment:

  • Context name.

  • Location of the context's startup configuration. Note that the configuration for each context is also known as a configlet.

  • Interface allocation.

Note that there are additional items that can be configured, but those 3 are the bare minimum.

To read more about configuring contexts, how packets are forwarded, & types of deployments, see more posts via the asa tag. Cheers!
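
Here is what those 3 components look like when entered from the system context, as an added example that is not part of the original post. The context names, interfaces, VLAN IDs, & file names are all assumptions made up for illustration.

```cisco
! Constructed example: names, interfaces, VLANs & file names are assumptions.
! Entered from the system context once the ASA is in multiple context mode
! ("mode multiple", which requires a reload).

! Physical ports & subinterfaces are defined in the system context
interface GigabitEthernet0/0
 no shutdown
interface GigabitEthernet0/0.10
 vlan 10
interface GigabitEthernet0/0.20
 vlan 20
interface GigabitEthernet0/1
 no shutdown
interface GigabitEthernet0/1.10
 vlan 110
interface GigabitEthernet0/1.20
 vlan 120
interface Management0/0
 no shutdown

! The admin context is deployed before any normal context
admin-context admin
context admin
 allocate-interface Management0/0
 config-url disk0:/admin.cfg

! Normal context 1: name, interface allocation, configlet location
context CUSTOMER-A
 description Virtual firewall for customer A
 allocate-interface GigabitEthernet0/0.10
 allocate-interface GigabitEthernet0/1.10
 config-url disk0:/customer-a.cfg

! Normal context 2: it only sees the interfaces allocated to it
context CUSTOMER-B
 description Virtual firewall for customer B
 allocate-interface GigabitEthernet0/0.20
 allocate-interface GigabitEthernet0/1.20
 config-url disk0:/customer-b.cfg
```

Enter `allocate-interface` before `config-url`: the ASA loads the configlet as soon as `config-url` is entered, so any commands in it that reference an interface not yet allocated will fail. Afterwards, `show context` from the system context lists each context with its interfaces & config URL, and `changeto context CUSTOMER-A` switches into that virtual firewall.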

