Re: ASA Service Module in multiple context mode - how to restore
I have not had to do a restore on a Cisco Firewall running in Multiple Context mode but I would imagine that the setup would go in the following way.
Establish Console connection to the ASA unit
Configure the "admin" context
Go to System Context and start copying the backup configuration files to the local ASA Flash to the directory path originally used by the Security Contexts
Insert the backup configuration of System Context
With the above I assume that you would first have to make sure that the "admin" Security Context is properly configured for you to have remote access to the ASA also for the System Context to be able to use the "admin" Security Contexts connectivity to download the required Security Context configuration files.
When you have the Security Context configuration files in the original directory path of flash (the one configured previously with the "config-url" command) then you should be able to drop the System Context physical/logical interface configuration and finally the actual Security Context configurations that refer to the configuration files on the Flash. The Security Contexts should then be loaded with the configuration that you have just moved to the Flash.
Do note that the above explanation is something that I would ASSUME to take place when doing a restore to a Multiple Context Mode Cisco firewall. So its completely possible that I have missed something or maybe even gotten something wrong.
I imagine that most of the problems with the above posts command are due to you trying to insert them in the "admin" Security Context. The configuration related to the whole firewall device should be done in the System Context space.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...