ACS cannot remove AAA server

Answered Question
Apr 16th, 2009

I have an ACSSE that for some reason has two instances of itself listed under AAA servers. The first one says "self" and shows a 127.0.0.1 address. The second one shows it's real address. I am trying to remove the second one but there is no option to delete.

I think this is causing my database replication to fail. My primary ACSSE is listed under the AAA servers screen. This machine that has two self's listed is not allowing the database replication saying invalid secret key. I did verify the keys are the same.

Seth

I have this problem too.
0 votes
Correct Answer by ansalaza about 7 years 7 months ago

You should be able to remove one of the Servers, even if it is the one with the correct IP, then try:

In order to resolve the 127.0.0.1 self problem, you can backup and restore the .DMP files on a fresh installation of ACS for Windows 4.2 and modify the 127.0.0.1 entry with the desired IP address.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_tech_note09186a00808d9199.shtml#res

ACS v4.2.0.124 90-Days Evaluation Software

http://www.cisco.com/cgi-bin/tablebuild.pl/acs-win-eval

Once you restore the fixed database, please confirm your Proxy Distribution Table Entries.

The ACS Server should be in the Forward To box.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
srosenthal Mon, 04/20/2009 - 07:22

When looking at the AAA servers, should I see the local unit assigned as "self" with it's actual address, or with a 127.0.0.1 address?

When I first setup both of the ACS servers, they both had "self" listed with the 127.0.0.1 address. However, after running the recovery cd and re-installing both units, the "self" now only shows up with the actual IP address.

Thanx, Seth

Correct Answer
ansalaza Mon, 04/20/2009 - 10:28

You should be able to remove one of the Servers, even if it is the one with the correct IP, then try:

In order to resolve the 127.0.0.1 self problem, you can backup and restore the .DMP files on a fresh installation of ACS for Windows 4.2 and modify the 127.0.0.1 entry with the desired IP address.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_tech_note09186a00808d9199.shtml#res

ACS v4.2.0.124 90-Days Evaluation Software

http://www.cisco.com/cgi-bin/tablebuild.pl/acs-win-eval

Once you restore the fixed database, please confirm your Proxy Distribution Table Entries.

The ACS Server should be in the Forward To box.

Actions

This Discussion