Cisco Support Community
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)

ASA context's sharing same IP address space on physical interface

I'm pretty sure this cannot be done, but need to confirm.

I configured an ASA with 2 contexts, the customer expected that I could share the same IP address space outside for both contexts using the same physical interface. Wjen I configure the outside address on context 2 the ASA complains that the same address is used on another interface, it ism in context 1. Is there a way round this? Documents on CCO show its possible by using vlans, setting up the physical interface as a shared, but that is not what my customer wants.

I've said I'm sure this cannot be done, but want to sanity check my statement.


Re: ASA context's sharing same IP address space on physical inte

I'm sorry to say you are wrong.

It's possible to configure two addresses one for each context in the same physical interface, with the 2 addresses being in the same range or network (can not be exactly the same IP)

The thing here is that you must manually configure the mac addresses of the interfaces (inside each context) in order fot it to work.

Please rate if it help you.

CreatePlease to create content