ACS 4.1 and VMWare ESX Servers

Unanswered Question

A while back, we had some issues with our ACS servers running on VMWware ESX. We've since upgraded ESX to 3.5 and I was wondering if there are any further problems?

We're running ACS 4.1.(1) Build 23 Patch 3 on ESX 3.5.

The reason I ask is because we're in the process of bringing Cisco Works LMS 3.0.1 online in parallel with our 2.6 and are having some issues integrating with ACS.

When LMS does the Verification process we get the following:

Primary ACS Verification Status (acs1)

Tacacs+ Connectivity : Reachable

HTTP/HTTPS Connectivity : Reachable

AAA Client : Not Configured

Secret Key Verification : Not Applicable

System Identity User : Not Applicable

Secondary ACS Verification Status (acs2)

Tacacs+ Connectivity : Reachable

HTTP/HTTPS Connectivity : Reachable

AAA Client : Not Configured

Secret Key Verification : Not Applicable

System Identity User : Not Applicable

Tertiary ACS Verification Status ( acs3 )

Tacacs+ Connectivity : Reachable

HTTP/HTTPS Connectivity : Reachable

AAA Client : Configured

Secret Key Verification : Success

System Identity User : Not configured properly for - (cwhp,cwportal,CiscoView,rme,CM,dfm)

ACS 1 and 2 are both running on VMWare ESX 3.5 servers

ACS 3 is on real hardware

ACS1 replicates down to 2 & 3 but not visa/versa.

When we were on a older version of ESX we had problems running jobs so we moved our current LMS 2.6 install to ACS3. However, ACS 1 and 2 both have the CW information registered.

Any thoughts as to what the problem could be? Are there still issues with CW and ACS while ACS is running on VMWare ESX?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
cisco24x7 Thu, 03/27/2008 - 13:52

I am running VMWare ESX 3.5 on a Dell 1850

dual Xeon processors with 12GB RAM.

on the ESX Servers, I am running Checkpoint

Provider-1 NGx R65 as an instance

I also have another instance of Win2003 SP2

and I have ACS 4.1(1) build 23 patch 3.

I have another instance of Win2003 SP2 running

RSA SecurID

I have another instance of Redhat Linux ES 3

running Steelbelt radius

All the integration works fine with VMWare

ESX.

I think the integration you have has to do

with Cisco Products integration and not VMWare

ESX.

CCIE Security

Actions

This Discussion