Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
367
Views
0
Helpful
2
Replies

FWSM in multi context mode

georgeburtz
Level 1
Level 1

‎10-08-2008 07:11 AM - edited ‎03-11-2019 06:54 AM

Can anyone explain what the purpose of the admin context is? The other user contexts seem pretty self explanatory.

What is the purpose of admin context?

How is different from the other contexts?

What would it be used for?

We are going to manage the FWSM with Cisco Security Manager and are curious about how to implement the multiple contexts.

Any insight or info would be appreciated.

Thanks....

Labels:
0 Helpful
2 Replies 2

Jon Marshall
Hall of Fame
Hall of Fame

‎10-08-2008 09:36 AM

George

If a user can log in to the admin context then from there they can access the system execution space and the other contexts.

However if you gave a user the ability to log in to one of the other contexts ie. contextA they would not be able to move from contextA to system execution space or any of the other contexts.

So giving access to the admin context gives system administrator access to all contexts.

Jon

0 Helpful

ajagadee
Cisco Employee
Cisco Employee

‎10-08-2008 10:18 AM

George,

Admin Context Configuration

The admin context is just like any other context, except that when a user logs in to the admin context, then that user has system administrator rights and can access the system and all other contexts. The admin context is not restricted in any way, and can be used as a regular context. However, because logging into the admin context grants you administrator privileges over all contexts, you might need to restrict access to the admin context to appropriate users. The admin context must reside on Flash memory, and not remotely.

If your system is already in multiple context mode, or if you convert from single mode, the admin context is created automatically as a file on the internal Flash memory called admin.cfg. This context is named "admin." If you do not want to use admin.cfg as the admin context, you can change the admin context.

Please refer the below URL for details:

http://www.cisco.com/en/US/docs/security/fwsm/fwsm32/configuration/guide/contxt_f.html#wp1149689

Regards,

Arul

** Please rate all helpful posts **

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card