Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Renaming firewall contexts

Is there a way to rename a firewall context on a FWSM?

Obviously, one could just create the new name, copy the config over to it, and then swap everything else over. That would cause downtime, though, during the swapover. I'd like to think there's a simple rename command out there to avoid that, but I haven't found it in all my googling.

3 REPLIES
Bronze

Re: Renaming firewall contexts

Hmmmm.

I don't think there is a rename command.

What I would do is the following:

Create the new context (while in the system context)

While still in the system context, change the 'config-url' to point to the config file of the existing context. This way you don't have to copy/paste all the configuration for the context.

Then I'd delete the old context, and allocate the interfaces to the 'new' context I'd just created.

Possibly you could reverse those 2 steps (so that you don't have 2 contexts with the same configuration, but without interfaces allocated I doubt it would matter) Deleting a context does *not* delete the underlying config file, so you should be ok. You'd have to re-create the failover configuration within the system context.

I don't see how this wouldn't be disruptive, though, as connections associated with one context wouldn't be migrated to the other because you wouldn't really be renaming it.

--Jason

Please rate this if it helps.

New Member

Re: Renaming firewall contexts

It's certainly an improvement over what I had in mind.

Hm.

As a programmer, I can't help but think that it would be SO EASY to make a rename command for contexts.

*Sigh*

New Member

Re: Renaming firewall contexts

Good morning Jason

I tried to write down the steps beacause I would like to try them

From the system space

1) create the new context

ASA1(config)# context NewContext
ASA1(config)# description This is new context

2) I don't understand you idea here,
While still in the system context, change the 'config-url' to point to the config file of the existing context. 
This way you don't have to copy/paste all the configuration for the context.

3) delete old context

ASA1(config)#no context OldContext (this doesn't delete the cfg file)
ASA1(config)#delete disk0:/ ctxOldContext.cfg
ASA1#dir disk0: (to make sure the correspondent configuration file for the context is deleted)

4) specify the interfaces

ASA1(NewContext)# allocate-interface gigabitethernet1/2.100 G12_V100
ASA1(NewContext)# allocate-interface gigabitethernet2/2.1100 G22_V1100

any specific steps if your firewalls are in failover mode: active/standby ?

Thank you

sdossou69

242
Views
4
Helpful
3
Replies
СоздатьДля создания публикации, пожалуйста в систему