Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
745
Views
0
Helpful
1
Replies

AAA and multiple context ASA for multi-tenant cloud practice

m.yost
Level 1
Level 1

‎12-19-2014 05:52 AM

My company has a new cloud practice and are using multiple context ASAs for different tenants. The customers do not manage the contexts, we do.  As of right now, the way we manage the customers contexts is by SSHing into the Admin context then we do a "changeto" in order to access the other contexts. There is no logical connection to their context.  We have AAA set up on the Admin context and it is talking to a SecureACS server.  One thing I noticed is that once I do a "changeto" and go to a customer context, I don't seem to receive accounting messages anymore.  Authoriation doesn't seem to matter anymore at this point either.  Obviously the local context AAA has taken over.

Is there any way for the other contexts to send authorization and accounting information via the admin context?  I would rather not create logical management connections from our VRF on the core into each customer context if I don't have to.  My guess is that I will need to do this, but figured I would see if anyone knew a special way to avoid doing this.

Thanks

Labels:
0 Helpful
1 Reply 1

keglass
Level 7
Level 7

‎12-23-2014 09:46 AM

I recommend you also post this to the Cisco Support Community for additional feedback.

Cisco Support Community

Hope this helps.

Kelli Glass
Moderator for Cisco Customer Communities

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card