We have ACS 3.3 and planned to upgrade to 4.2 - however when we installed 4.2 on our test system we found that an extra field was required in the TACACS set up for switches - within Network Configuration -> Network Device Groups -> AAA setup, there is a shared secret.
None of our (1500+) switches have had a share secret on them before for TACACS, so my question is what is the best approach to upgrade to 4.2.
If we install 4.2 first then we lose TACACS to all the switches until we have added a shared secret to the switches. If we add the shared secret TACACS+ fails.
We have Cisco LMS - so if we need to add the shared ket to the switches then we can do it via LMS - but we cannot afford to lose access to the switches as these are used 24 x 7.
BTW in case you are wondering about the number of switches - we are a retail company with 153 stores across the UK and each store has a minimum of three switches.....
You can have multiple tacac-servers... If possible you can stand up a new install of the 4.2 rather then upgrading your existing single server. Use LMS to add the second sever to all your switch configs. once they are all populated and configured with keys. then use LMS to strip the old tacacs out of the configs. This way you dont lose connectivity while performing your upgrade.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...