Routed Mode Examples
Example 3: Shared Resources for Multiple Contexts
This configuration includes multiple contexts for multiple departments within a company. Each
department has its own security context so that each department can have its own security policy.
However, the syslog, mail, and AAA servers are shared across all departments. These servers are placed
on a shared VLAN (See
Department 1 has a web server that outside users who are authenticated by the AAA server can access.
Figure B-3
Config Server
See the following sections for the configurations for this scenario:
•
•
•
•
•
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide
B-8
Figure
Example 3
Outside
209.165.201.3
Admin
Context
Inside
10.1.0.1
VLAN 201
Admin Host
10.1.0.16
10.1.0.15
VLAN 300
Example 3: System Configuration, page B-9
Example 3: Admin Context Configuration, page B-9
Example 3: Department 1 Context Configuration, page B-10
Example 3: Department 2 Context Configuration, page B-11
Example 3: Switch Configuration, page B-11
B-3.)
Internet
209.165.201.2
VLAN 200
Department 1
Shared
Inside
10.1.1.1
10.1.2.1
VLAN 202
Web Server
10.1.2.3
AAA Server
10.1.1.6
Appendix B
MSFC
Outside
209.165.201.4
Department 2
Shared
Inside
10.1.1.2
10.1.3.1
VLAN 203
Inside
VLAN 300
Shared
Network
Mail Server
Syslog Server
10.1.1.7
10.1.1.8
Sample Configurations
Outside
209.165.201.5
Shared
10.1.1.3
VLAN 300
OL-6392-01