securing console in multicontext mode (ASA)

Lewis Quin

Seeing as you cannot use AAA commands within the system exec space (when running an ASA in multi-context mode), how can you secure console access? I realize you can set the enable password, but are there any other options to force login to console?

Also do all contexts have to run the same OS version as the system exec?

Collin Clark

You can force AAA or local login on the console:

aaa authentication serial console LOCAL 

Yes, all the contexts must run the same version.

But you cannot use AAA commands from within the system exec space? Only the contexts, so how do you secure console access to system?

The system execution space does not support any AAA commands, but you can configure its own enable password, as well as usernames in the local database to provide individual logins.

Okay, so I have found that you can secure the appliance console access by using AAA from the admin context; however, if you do this it uses the local usernames stored within admin and not those created in sys exec space.

You can create local username/password in the system execution space as well.

Yes you can, but the problem is this:

To require a username and password for the serial interface (console) of the ASA you have to issue the 'aaa authentication serial console LOCAL' command in the admin context (as it does not exist in the sys exec space), and if you do this the serial connection looks to the admin context local user database to authenticate the serial connections (and not the system exec user database).

So while you are correct in that you can create local users in the system exec space, they are not used to authenticate the local console connection, as it appears to use the admin context local user database.
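
A configuration check built on the behaviour reported in this thread, as an added example that is not part of any post above: it flags an admin context that lacks `aaa authentication serial console`, or that uses `LOCAL` while the only usernames live in the system execution space. The sample configurations, hostnames and usernames are constructed, and the function name `audit_console_auth` is hypothetical.

```python
import re

# Constructed sample configurations (not taken from a real device).
ADMIN_OK = """hostname admin
username netops password XXXX encrypted privilege 15
aaa authentication serial console LOCAL
"""
ADMIN_NO_USERS = """hostname admin
aaa authentication serial console LOCAL
"""
ADMIN_NO_AAA = """hostname admin
username netops password XXXX encrypted privilege 15
"""
SYSTEM_WITH_USERS = """hostname asa-sys
username sysadmin password XXXX encrypted privilege 15
"""

# Matches "aaa authentication serial console LOCAL" and "... <group> [LOCAL]".
AAA_SERIAL = re.compile(
    r"^aaa authentication serial console (\S+)(?: (LOCAL))?[ \t]*$", re.M)
USERNAME = re.compile(r"^username (\S+)\s", re.M)


def audit_console_auth(admin_cfg, system_cfg=""):
    """Return findings about serial console login on a multi-context ASA."""
    findings = []
    aaa = AAA_SERIAL.search(admin_cfg)
    admin_users = USERNAME.findall(admin_cfg)
    system_users = USERNAME.findall(system_cfg)
    if aaa is None:
        findings.append("admin context lacks 'aaa authentication serial console'")
        return findings
    # Assumption from the thread: LOCAL resolves against the admin context's
    # user database, not the one in the system execution space.
    if "LOCAL" in aaa.groups() and not admin_users:
        findings.append("LOCAL is used but the admin context has no usernames")
        if system_users:
            findings.append("usernames exist only in the system execution space: "
                            + ", ".join(system_users))
    return findings


if __name__ == "__main__":
    for name, cfg in [("ok", ADMIN_OK), ("no users", ADMIN_NO_USERS),
                      ("no aaa", ADMIN_NO_AAA)]:
        print(name, audit_console_auth(cfg, SYSTEM_WITH_USERS))
```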