Removing a security context, Changing the admin context – Cisco ASA 5505 User Manual
Page 224
5-24
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter 5 Configuring Multiple Context Mode
Managing Security Contexts
Removing a Security Context
You can only remove a context by editing the system configuration. You cannot remove the current
admin context, unless you remove all contexts using the clear context command.
Note
If you use failover, there is a delay between when you remove the context on the active unit and when
the context is removed on the standby unit. You might see an error message indicating that the number
of interfaces on the active and standby units are not consistent; this error is temporary and can be
ignored.
Prerequisites
Perform this procedure in the system execution space.
Detailed Steps
Changing the Admin Context
The system configuration does not include any network interfaces or network settings for itself; rather,
when the system needs to access network resources (such as downloading the contexts from the server),
it uses one of the contexts that is designated as the admin context.
The admin context is just like any other context, except that when a user logs in to the admin context,
then that user has system administrator rights and can access the system and all other contexts. The
admin context is not restricted in any way, and can be used as a regular context. However, because
logging into the admin context grants you administrator privileges over all contexts, you might need to
restrict access to the admin context to appropriate users.
Guidelines
You can set any context to be the admin context, as long as the configuration file is stored in the internal
flash memory.
Prerequisites
Perform this procedure in the system execution space.
Command
Purpose
no context
name
Removes a single context. All context commands are also removed.
clear context
Removes all contexts (including the admin context).