cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4854
Views
8
Helpful
10
Replies

Cisco Secure ACS 4.2 on VMware ESX 4.0.

andrea.meconi
Level 2
Level 2

We need to move from ESX 3.5 to ESX 4.0 a virtual machine running Cisco Secure ACS per Windows version 4.2.

Is this solution compatible and supported by Cisco?

Thanks.

Andrea

1 Accepted Solution

Accepted Solutions
10 Replies 10

Jennifer Halim
Cisco Employee
Cisco Employee

Does anyone know if/when ACS 4.2 will be 'supported' on ESX 4.0?

If not has anyone else been sucessful?

We need to upgrade our ACS 4.1 platform and ACS 5.x is not suitable as it still doesn't feature many of the necessary components (e.g. CiscoWorks LMS integration) so will need to go to 4.2.

I'm not buying new hardware just for ACS so it will have to go on our VMware ESXi 4.0 farm.

Assuming that as ACS 4.2 has been tested/supported on ESX 3.0 and is 'supported' on 3.5 that 4.0 support is just a timing issue?


Thanks
Mike

Does anyone from Cisco know if support for ACS 4.2 on VMware ESX 4.0 is in the pipeline?

Hi,

As of today ACS 4.2 is not supported on VMWare ESX 4.0 and there are no plans to test/certify ACS 4.2 for this version. 
http://www.cisco.com/en/US/partner/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/device/guide/sdt42.html#wp37898
The following versions of VMWare ESX are supported:
ESX 3.0.x (tested)
ESX 3.5.x (not tested)
ESX 3.5i (not tested)"

ACS 4.2 will probably run on ESX 4.0, but if there are issues, TAC/Dev won't  we able to provide support.
ACS 5.1 is supported on ESX 4.0.

Let me know if i answer your query.

thanks,
Vinay
Thanks & Regards

Vinay,

Many thanks for the response I have now escalated this through my Cisco Account Manager.

The problem I face is that as detailed in the Cisco ACS 5.x FAQ below:

http://www.cisco.com/en/US/prod/collateral/netmgtsw/ps5698/ps6767/ps9911/ps9915/qa_c67-504496.html

Cisco Secure ACS 5.x does not yet provide all the functionality of ACS 4.x that we use (namely CiscoWorks LMS and CSM integration from what I've read).

The FAQ clearly states:

Q. Does Cisco Secure ACS 5.0 replace Cisco Secure ACS 4.2?

A. No. ACS 4.2 is a proven, feature-rich product that meets today's complex identity and access policy needs of enterprises, and Cisco will continue to sell, maintain, and support ACS 4.2. Cisco Secure ACS 5.0 is the initial release of Cisco's next-generation network identity and access solution and is suitable for many deployments today that require support for device administration and wireless and wired 802.1x scenarios. In time, ACS 5.x will incorporate other key 4.x features to allow the broader customer base to upgrade to the next-generation ACS platform.

So therefore in my opinion Cisco needs to support and develop ACS 4.2 until such time as all functionality is available within 5.x.

VMware ESX/ESXi 4.x was released in mid 2009 so for Cisco to not support ACS 4.2 a product which the FAQ commits to "sell, maintain, and support" on this newer platform isn't really acceptable in my opinion.

Cisco cannot expect its customers to remain on or deploy old technology (e.g. ESX 3.x) just because ACS 5.x is lacking in features.

I notice that with ACS 4.2.1 support for Windows Server 2008 was introduced (as Windows 2003 is already now end of mainstream support with Microsoft), so in the same vain I would expect a product roadmap for ACS 4.2 which includes the support and testing of other key technologies.

Thanks anyway

Michael

Interesting - same problem here.  We're switching to 2008R2, and Cisco says it's not supported.  And the only thing that supports AD for R2 is apparently 5.2, which means a paid upgrade, to a new, immature product.

Interesting comment as we are looking to upgrade our servers and domain to 2008 R2.

I noticed that the 4.2.1 documentation lists support for Windows 2008 but not 2008 R2, was assuming this was just the host operating system, hence we would simply run ACS 4.2 on Windows 2008 within a 2008 R2 domain.

Our ACS 4.1 platform is authenticating to RSA SecurID which is domain integrated (e.g. use domain username with RSA token) as well as integration to LMS and CSM.

Are you suggesting that ACS 4.2 won't work in a 2008 R2 domain?

Hi Mike,

TAC has already opened new enhancement request for ACS 4.2 support with 2008 R2. I Development is working on it and we should get an update in some time.

Latest filed enhancement is CSCta35271 which is internal for the time being but other one which was filed earlier is avilable to view i.e. CSCtd56660:-

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?caller=pluginredirector&method=fetchBugDetails&bugId=CSCta35271

thanks,

Vinay

Do Rate, it helps other customers

Thanks & Regards

Hi Rich,

TAC has already opened new enhancement  request for ACS 4.2 support with 2008 R2. I Development is working on it  and we should get an update in some time.

Latest filed  enhancement is CSCta35271 which is internal for the time being but  other one which was filed earlier is avilable to view i.e. CSCtd56660:-

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?caller=pluginredirector&method=fetchBugDetails&bugId=CSCta35271

thanks,

Vinay

Do Rate, it helps other customer

Thanks & Regards

Dear Vinay ,

          Is there any TAC case opened for ACS 4.2 support on VMWARE 4.0 on windows 2003 R2 platform  , we are finding issue on ACS services starting automatically during operating system restart , Please suggest thank you

HTH Regards Santhosh Saravanan
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: