Example 3: Shared Resources For Multiple Contexts - Cisco FirePOWER ASA 5500 series Configuration Manual

Example 3: Shared Resources for Multiple Contexts

! System messages are sent to the syslog server on the DMZ network
logging host dmz 192.168.2.2
logging enable
Example 3: Shared Resources for Multiple Contexts
This configuration includes multiple contexts for multiple departments within a company. Each
department has its own security context so that each department can have its own security policy.
However, the syslog, mail, and AAA servers are shared across all departments. These servers are placed
on a shared interface (see
Department 1 has a web server that outside users who are authenticated by the AAA server can access.
Figure B-3
Config Server
See the following sections for the configurations for this scenario:
•
•
Cisco Security Appliance Command Line Configuration Guide
B-8
Figure
Example 3
Outside
209.165.201.3
Admin
Context
Inside
10.1.0.1
Admin Host
10.1.0.16 10.1.0.15
Example 3: System Configuration, page B-9
Example 3: Admin Context Configuration, page B-9
B-3).
Internet
209.165.201.2
Department 1
Shared Inside
10.1.1.1 10.1.2.1
Web Server
10.1.2.3
AAA Server
10.1.1.6
Appendix B
Outside
209.165.201.4
Department 2
Shared Inside
10.1.1.2 10.1.3.1
Inside
Shared
Network
Mail Server Syslog Server
10.1.1.7 10.1.1.8
Sample Configurations
Outside
209.165.201.5
Shared
10.1.1.3
OL-10088-01