5-18
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter5 Configuring Multiple Context Mode
Configuring Multiple Contexts
Examples
For example, to set the default class limit for conns to 10 percent instead of unlimited, enter the
following commands:
hostname(config)# class default
hostname(config-class)# limit-resource conns 10%
All other resources remain at unlimited.
To add a class called gold, enter the following commands:
hostname(config)# class gold
hostname(config-class)# limit-resource mac-addresses 10000
hostname(config-class)# limit-resource conns 15%
hostname(config-class)# limit-resource rate conns 1000
hostname(config-class)# limit-resource rate inspects 500
hostname(config-class)# limit-resource hosts 9000
hostname(config-class)# limit-resource asdm 5
hostname(config-class)# limit-resource ssh 5
hostname(config-class)# limit-resource rate syslogs 5000
hostname(config-class)# limit-resource telnet 5
hostname(config-class)# limit-resource xlates 36000
Configuring a Security Context
The security context definition in the system configuration identifies the context name, configuration file
URL, and interfaces that a context can use.
Prerequisites
Perform this procedure in the system execution space.
For ASA 5500 series appliances, configure physical interface parameters, VLAN subinterfaces, and
redundant interfaces according to the Chapter6, “Starting Interface Configuration
(ASA 5510 and Higher).”
If you do not have an admin context (for example, if you clear the configuration) then you must first
specify the admin context name by entering the following command:
hostname(config)# admin-context name
limit-resource all 0
Example:
hostname(config)# limit-resource all 0
Sets all resource limits (shown in Table 5 -1) to be unlimited. For
example, you might want to create a class that includes the admin
context that has no limitations. The default class has all resources
set to unlimited by default.
limit-resource [rate] resource_name
number[%]
Example:
hostname(config)# limit-resource rate
inspects 10
Sets a particular resource limit. For this particular resource, the
limit overrides the limit set for all. Enter the rate argument to set
the rate per second for certain resources. For resources that do not
have a system limit, you cannot set the percentage (%) between 1
and 100; you can only set an absolute value. See Table 5 -1 for
resources for which you can set the rate per second and which do
not have a system limit.
Command Purpose