Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1156
Views
0
Helpful
2
Replies

ACS databases sync !

Go to solution
illusion_rox
Level 1
Level 1

‎07-27-2009 07:23 AM - edited ‎03-10-2019 04:36 PM

Hi all. I have 2 windows machines running acs 4.1. I am just installing the second machine to a new region. I want to know that what shall i do about all 150 routers i have added ? is it possible to some how sync both acs servers such that when one goes down, other can be contacted. Do i need to enter all of the data again or is there some automatic way such that when i make a change on the primary server its automatically replicated to other acs ?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jagdeep Gambhir
Level 10
Level 10

‎07-27-2009 09:50 AM

Hi Rox,

ACS replication is one way replication ( From primary to secondary). So you need to bring up second acs and configure it for replication. After replication it will have all configuration as per primary acs.

Please make sure that replication is setup correctly. (Check list)

1) Make sure that you are not replicating over NAT. Replication over NAT does not work because the IP is used as part of the server authentication.

2) Next, check to make sure that you are not sending or receiving the distribution table. On the primary server, the distribution table should not be checked in the send list, and on the secondary, the distribution table should not be checked for receive.

3) Then I would like you to check in the secondary server's partner list, to make sure that the primary is not listed. You should not enter the primary server into the partner list on the secondary server. However, the primary server should have all secondary servers listed in its partner list.

4) Ensure that the secondary server has it's replication scheduling set to "manual".

5) Please verify that your servers are all running exactly the same ACS version and build.

6) Also let me know if we have any firewall in between two acs servers.

Please see this link for replication scheduling option,

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.1/user/SCAdv.html#wp756696

Regards,

~JG

Do rate helpful post

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Jagdeep Gambhir
Level 10
Level 10

‎07-27-2009 09:50 AM

Hi Rox,

ACS replication is one way replication ( From primary to secondary). So you need to bring up second acs and configure it for replication. After replication it will have all configuration as per primary acs.

Please make sure that replication is setup correctly. (Check list)

1) Make sure that you are not replicating over NAT. Replication over NAT does not work because the IP is used as part of the server authentication.

2) Next, check to make sure that you are not sending or receiving the distribution table. On the primary server, the distribution table should not be checked in the send list, and on the secondary, the distribution table should not be checked for receive.

3) Then I would like you to check in the secondary server's partner list, to make sure that the primary is not listed. You should not enter the primary server into the partner list on the secondary server. However, the primary server should have all secondary servers listed in its partner list.

4) Ensure that the secondary server has it's replication scheduling set to "manual".

5) Please verify that your servers are all running exactly the same ACS version and build.

6) Also let me know if we have any firewall in between two acs servers.

Please see this link for replication scheduling option,

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.1/user/SCAdv.html#wp756696

Regards,

~JG

Do rate helpful post

0 Helpful

Go to solution
syedaltaf.shah
Level 1
Level 1

‎09-25-2011 02:02 AM

hi

Jagdeep Gambhir

i did all the steps you specified.. but still i cannot replicate Network Devices in each group. the Groups i have showed up.. but no devices in secondary server. its not syscing.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents