Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
245
Views
0
Helpful
0
Replies

ASA Multi-context remote administration

itstony_e
Level 1
Level 1

‎12-03-2015 11:12 AM - edited ‎03-11-2019 11:59 PM

I have setup a ASA-5555-X in a lab in Multi-context mode, using the latest 9.5 code.

There is an out-of-band management network connected to the MGMT port.

I have 2 customers, each has their own security context.

Problem:

When you log into the ASA through the MGMT port you are dumped into the admin context.

Question:

Is there a way to dump the network security administrator into their context based on their credentials? (This is Plan 'A')

Plan B:

Can we create sub-interfaces on the Management port and allocate the sub-interface port to a context? (Note: this is not ideal and I would like to stay away from this if necessary.)

Plan C:

Allow in-band MGMT. That is allow administrators to SSH to the inside interface. The problem here is the 'inside' interface IP address cannot be changed. Does the ASA permit use of a 'secondary' ip address the same way a router does?

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card