cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
574
Views
0
Helpful
4
Replies

Management Interface in Multi-context mode

pmjordan
Level 1
Level 1

On an ASA5580 using 8.0(4). I want to make sure that each context is able to generate syslogs and traps sent over the management interface. I know that 'logging device-id context-name' will label the log messages with the context name but is it necessary to allocate the management interface to each context?

4 Replies 4

Farrukh Haroon
VIP Alumni
VIP Alumni

Each context has its own IP connectivity except the system context. The system context borrows the IP connectivity from the admin context. Logging in independent in each context.

Regards

Farrukh

So you mean yes, it is necessary to allocate the management interface to the contexts other than the system context?

What I mean is that each context is a separate firewall and it has its own logging buffer. If you want to log all you have to configure logging on each context. You can use any interface to send out this logging information based on your routing, using the mangement interface is not necessary but better for security (separate out of management zone). This is specially true for syslog as its clear text. Newer ASA code supports secure logging as well.

Regards

Farrukh

So you mean yes, it is necessary to allocate the management interface to the contexts other than the system context?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: