ACS Appliance User DB to new non-appliance ACS server

Unanswered Question
Jun 4th, 2008

Is it possible to replicate an ACS appliance user DB and replicate it on a new non-appliance ACS server. We're adding additional ACS servers and don't want to re-create all the groups and mappings. Think of it as ghosting an appliance and restoring it on a new server. Thx

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jagdeep Gambhir Wed, 06/04/2008 - 11:42

Yes you can replicate the acs configuration. Just make sure that acs ver on both server are same.

Regards,

~JG

Do rate helpful posts

Michael Anderson Wed, 06/04/2008 - 11:45

I was hoping I would get you JG! Thanks for the quick reply. Can you point me in the right direction as to where I would find the procedures to accompish this task? TIA - U get a 5

Jagdeep Gambhir Wed, 06/04/2008 - 12:14

Here is the link,

http://cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080742f60.shtml

Here is the troubleshooting check list, in case you face any issue,

1) Make sure that you are not replicating over NAT. Replication over NAT does not work because the IP is used as part of the server authentication

2) Next, check to make sure that you are not sending or receiving the distribution table. On the primary server, the distribution table should not be checked in the send list, and on the secondary, the distribution table should not be checked for receive.

3) Then I would like you to check in the secondary server's partner list, to make sure that the primary is not listed. You should not enter the primary server into the partner list on the secondary server. However, the primary server should have all secondary servers listed in its partner list.

4) Ensure that the secondary server has it's replication scheduling set to "manual".

5) Please verify that your servers are all running exactly the same ACS version and build.

6) Also let me know if we have any firewall in between two acs servers.

Regards,

~JG

Michael Anderson Wed, 06/04/2008 - 12:22

Thank you sir. I will give it a shot and get back to you. I will tell you though that we are running our ACS's behind a CSS, but not a FW or NAT device.

Actions

This Discussion