Routing between contexts

Answered Question
Sep 20th, 2010

Hi Everyone,


I have 2 contexts, and i want to route between the contexts. Is that possible.




CONTEXT 1

==========


OUTSIDE IP - 10.10.10.0

INSIDE IP - 192.168.20.0

DMZ IP - 192.168.30.0


Static NAT ON OUTSIDE IP to DMZ - 100.100.100.100 - .105



CONTEXT 2

=========


OUTSIDE IP - 10.20.20.20

INSIDE IP - 192.168.40.0

DMZ IP - 192.168.41.0


Static NAT on OUTSIDE IP to DMZ - 4.2.2.2


I want to route traffic between context 2 DMZ IP to static NAT on CONTEXT 1?


What do i need to add on the contexts?


Thanks


Sid

Correct Answer by Jennifer Halim about 6 years 5 months ago

Yes, you are absolutely correct. There needs to be at least 1 shared interface to route traffic between context.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Jennifer Halim Mon, 09/20/2010 - 22:35

You would need to have at least one shared interface to be able to route traffic between context. What you are trying to achieve is called cascading security context and here is the diagram for your reference:

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/contexts.html#wp1146927


In your case, since there is no shared interface between the 2 contexts, you can't route traffic between the 2 contexts.

sidcracker Mon, 09/20/2010 - 22:37

HI Halijenn,


As of now I have only 2 contexts which are using shared outside interfaces and they are able to ping each other. The other context which has a unique interface cannot access the other context.


So there is no way that I can access it correct?

Correct Answer
Jennifer Halim Mon, 09/20/2010 - 22:46

Yes, you are absolutely correct. There needs to be at least 1 shared interface to route traffic between context.

Actions

This Discussion