Home
Support
Product Support
Routers
Cisco SD-WAN
Configuration Guides

Cisco Catalyst SD-WAN Multitenancy Guide, Releases 26.x and Later

How does SD-WAN Manager assign controllers to a new tenant?
What is required before enabling multitenancy on SD-WAN Manager?
What functions can tenants perform in the SD-WAN Manager tenant view?

View all Saved Content

PDF

Is this content helpful?

Helpful Unhelpful

Suggestions for Improvement

Thank you for your feedback. Your response has been recorded.

Ask about this content

Cisco Catalyst SD-WAN Multitenancy Guide, Releases 26.x and Later

How does SD-WAN Manager assign controllers to a new tenant?
What is required before enabling multitenancy on SD-WAN Manager?
What functions can tenants perform in the SD-WAN Manager tenant view?

Expand all sections

About this content

Multitenancy

Feature history for Cisco Catalyst SD WAN multitenancy
Cisco Catalyst SD-WAN multitenancy
Feature availability
User roles in multitenant environment
Provider and tenant remote servers and images
Supported devices, hypervisor and persona for multitenancy
Supported hardware specifications for multitenancy
Restrictions for multitenancy
Initial setup for multitenancy
Expand a multitenant deployment to support more tenants and tenant devices
Upgrade SD-WAN Controller and Edge Device Software

Multitenancy Tenant Management

Feature history for tenant management
Tenant management
Add a new tenant
Manage tenant WAN edge devices
Manage tenant data
View tenants associated with a Cisco SD-WAN Controller
View OMP statistics per tenant on a Cisco SD-WAN Controller

Multitenancy Migration

Feature history for multitenancy migration
Tenant migration in a multitenant deployment
Restrictions for migration of a tenant from a multitenant overlay to a single-tenant deployment
Migrate single-tenant Cisco Catalyst SD-WAN overlay to multitenant Cisco Catalyst SD-WAN deployment
Migrate a tenant from a multitenant Cisco Catalyst SD-WAN overlay to single-Tenant Cisco Catalyst SD-WAN deployment
Migrate multitenant Cisco Catalyst SD-WAN overlay
Verify the migration

Multitenancy Disaster Recovery

Disaster recovery for a multitenant Cisco SD-WAN Manager cluster
Disaster recovery in an overlay network with virtual routers
Disaster recovery after a failed data center becomes operational
Replace faulty SD-WAN Controller

Multitenancy Dashboard

Feature history for the multitenancy dashboard
Cisco SD-WAN Manager dashboard for multitenancy
View Cisco SD-WAN Validator health dashlet
View Cisco SD-WAN Manager health dashlet
View Cisco SD-WAN Controller health dashlet
View multitenant WAN edge health dashlet
View tenant activity, device, and network information
View detailed information of a tenant setup
View all network connections in the tenant overlay network
View information about device reboots
View state of data connections for a site
View interface usage for WAN edge interfaces
View WAN edge device counts
View aggregated state of WAN edge devices
View WAN edge device loss, latency, and jitter
View SAIE flow information of WAN edge devices
View tunnels data
View tenant alarms in provider dashboard
View tenant events in provider dashboard
View OMP statistics per tenant on a Cisco SD-WAN Controller
View tenants associated with a SD-WAN Controller

Assigning SD-WAN Controllers to Tenants in a Multitenancy Environment

Feature history for assigning Cisco SD-WAN Controllers to tenants
Multitenancy
Benefits of automatic tenant placement on multitenant SD-WAN Controllers
Restrictions for automatic tenant placement on multitenant SD-WAN Controllers
Prerequisites for automatic tenant placement on multitenant SD-WAN Controllers
Assign SD-WAN Controllers to tenants during onboarding
Update SD-WAN Controller placement for a tenant

Restrictions for multitenancy

Updated: June 21, 2026

Want to summarize with AI?

Outlines operational and deployment restrictions associated with Cisco Catalyst SD-WAN multitenancy, guiding users to avoid unsupported configurations.

Defines the limitations and unsupported configurations in a multitenant Cisco SD-WAN deployment.

Connecting to a device by SSH

Do not use a user-configured system IP address to connect to a device through SSH. Instead, use the IP address of the vmanage_system interface; this IP address is assigned by SD-WAN Manager.
IP address of the vmanage_system interface

To find the IP address of the vmanage_system interface, use only one of these methods:
- Launch the device SSH terminal from SD-WAN Manager and find the vmanage_system IP address from the first line of the log-in prompt, or
- Run the show interface description command and find the vmanage_system IP address from the command output.
- If you add a second tenant immediately after adding a tenant, SD-WAN Manager adds them sequentially, and not in parallel.
- If you are adding a WAN edge device that you had previously invalidated and deleted from an overlay network, you must reset the device software after adding the device.
  
  To reset the software on a Cisco IOS XE Catalyst SD-WAN device, use the command, request platform software sdwan software reset .
- For Cisco IOS XE Catalyst SD-WAN Release 17.12.1a and earlier releases, single-node SD-WAN Manager is not supported on a multitenant deployment.
  - A minimum of a 3-node SD-WAN Managercluster is required for a multitenant deployment.
Upgrading devices during SD-WAN Controller or SD-WAN Validator upgrade

When a SD-WAN Controller or SD-WAN Validator upgrade is in progress, upgrade of tenant edge devices is not supported.
SD-WAN Controller group feature

The SD-WAN Controller group feature is not supported in multitenant mode.
Device site ID

The WAN edge device's site ID must be different from the SD-WAN Control Components site ID when the SD-WAN Manager has different public and private IP addresses.
Cannot change a SD-WAN Manager back to single tenant mode

After you enable SD-WAN Manager for multitenancy, you cannot change it back to single tenant mode.

Need help?

Open a support case

(Requires a Cisco Service Contract)

Bias-free language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.