Installing Cisco Context Directory Agent

In this article we will take a look at how to install the Cisco Context Directory Agent (CDA) for use with Identity Based Firewalls.

In this demonstration, we will be installing CDA using VMware ESXI.

A few important things to note:
  • VMXNET 2 & 3 Interfaces are not supported and E1000 types must be used
  • Resource requirements will depend on the intended use of CDA. In this demonstration we are using the minimum recommended requirements which will be covered below.
  • CDA must be able to communicate with Active Directory domain controllers, devices that are going to interact with CDA and any Syslog servers that will be used.
  • CDA communicates with domain controllers on RPC 135 initially before domain controllers establish connectivity on higher ports dynamically.

Resource specification used as per recommended minimum hardware requirements for VMware:
  • 2 Virtual Processors
  • 2GB RAM (We are using 4GB RAM for this demonstration)
  • 120GB HD Space
  • E1000 NIC
  • Linux 64-Bit Other OS

Once powered on select the most relevant option for your deployment depending on how you will be installing CDA. The system will then begin to install, this will take approximately 5 minutes.

When the software has been installed, you should be presented with the following screen below. We will now run through the setup.

Type ‘setup’ to begin.
Run through the initial setup as shown below. You cannot use ‘Cisco’ or anything similar as a password.

Once you’ve configured the initial settings, CDA will test DNS reachability as well as NTP reachability before continuing to finish off the installation. As shown below, you will be prompted NOT to press ‘Ctrl-C’ until the installation has finished.

Once the installation has finished, CDA is now installed and you should now be able to login via the CLI or GUI using the username and password you created at the initial setup.


Kelvin is a Cyber Security professional with years and experience working with organisations in different verticals, both large and small. He enjoys contributing to the Network Wizkid knowledge base and he also creates technical content. Kelvin enjoys learning new things and often does this by working on achieving new technical certifications. He holds many professional certifications and academically, he has achieved a Bachelors and Master's degree in both Computer Networks and Cyber Security.

Leave a Reply