Restrictions on Multi-Context Enhancements for Cisco ASA Software Release 9.0 – Updated

Another sign that it’s time to stop buying service modules for Catalyst 6500. This is not the time for dedicated hardware appliances such as ACE or ASA Service Modules. Mulitcontext support for routing and VPN is not available on C6500 ASA Service Module.


Multi-Context Enhancements

Enhances the current ASA Multicontext capability to include support for Site-to-site VPN and Dynamic Routing Protocols. Also adds support for mixed routed and transparent mode multi-context configuration.

• Enables each firewall context to maintain its own routing table for static and dynamic routes

• Allows customers to mix and match routing protocols on a per-context basis.

• Supports IKEv1 and IKEv2.

• Maintains single mode site-to-site VPN features in multiple modes.

• Allows flexible VPN resource allocations in system context

All ASA 5500 and 5500-X appliances (with the exception of the ASA 5505) and the Cisco Catalyst 6500 Series ASA Services Module

via Cisco ASA Software Release 9.0 Data Sheet  [Cisco Adaptive Security Appliance (ASA) Software] – Cisco Systems.

Update: my mistake – misreading. It does work on the ASA-SM. I STILL wouldn’t buy one.

  • Olivier Cahagne

    Greg, unless I’m mistaken, documentation states that only ASA 5505 doesn’t support multi-context.

    • Rick Arps

      I would agree.
      As I read it, it is supported on the ASA SM, though that’s not to say that I would ever recommend one.

  • marc abel

    As someone who was considering an ASA SM, why would you recommend against one?

    • Etherealmind

      The use of the fabric backplane limits the ASA software as to what is can achieve. The interface code in ASA-OS is vital to the security function and it’s likely that you will be “feature orphaned”. I’d say that the code would be developed to the “normal” ASA and then ported to the ASA-SM – that means unresolved bugs, feature starvation etc etc.

      Look back at the FWSM and you will get the idea.