02-25-2015 05:23 AM - edited 03-11-2019 10:33 PM
Seeing as you cannot use AAA commands within the system exec space (when running an ASA in multi-context mode) how can you secure console access? I realize you can set the enable, but are there any other options to force login to console?.
Also do all contexts have to run the same OS version as the system exec?
02-25-2015 06:33 AM
You can force AAA or local login on the console-
aaa authentication serial console LOCAL
Yes all the contexts must run the same version.
02-25-2015 06:35 AM
but you cannot use AAA commands from within the system exec space? only the contexts, so how to you secure console access to system
02-25-2015 06:39 AM
The system execution space does not support any AAA commands, but you can configure its own enable password, as well as usernames in the local database to provide individual logins.
02-25-2015 06:53 AM
okay, so I have found that you can secure the appliance console access by using AAA from the admin context, however if you do this it uses the local userames stored within admin and not those created in sys exec space.
02-25-2015 06:57 AM
You can create local username/password in the system execution space as well.
02-25-2015 07:06 AM
yes you can but the problem is this:
To require a username and password for the serial interface (console) of the ASA you have to issue the 'aaa authentication serial console LOCAL' command in the admin context (as it doesnt not exist in the sys exec space), and if you do this the serial connection looks to the admin context local user database to authenticate the serial connections (and not the system exec user database.)
so while you are correct in that you can create local users in the system exec space, they are not used to authenticate the local console connection, as it appears to use the admin context local user database.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide