Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

ACS 5.1 to 5.3 Upgrdae

Good day, Gents.

I read several guides such as http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_system/5-3/installation/guide/csacs_book/csacs_upg.html and several tickets from support forums, but I haven't understood am I right in suggestions.

Our company has primary/log collector server and secondary one. And according to link above my plan should be as following:

first variant

1) patch both servers 5.1 to the latest one

2) backup both of them using backup repository cli command

3) deregister secondary one, therefore every server will be a standalone one

4) upgrade old secondary to 5.3

5) on primary 5.1 make old secondary one (now separate primary 5.3 one) as remote target

6) upgrade old primary one to 5.3

7) register old primary one to current primary one as a secondary one

8) promote a secondary one as a primary one

9) optionally return to primary one functions of log collector as we have right now

10) optionally patch both servers 5.3 to the latest one

second variant:

1) patch both servers 5.1 to the latest one

2) backup both of them using backup repository cli command

3) promote current secondary one as primary one. result - new secondary one (previous primary one)/log collector, new primary one (previous secondary one)

4) reallocate functions of log collector to primary server. result - secondary server, primary/log collector server

5) deregister secondary server (previous primary one). result - two standalone servers

6)upgrade secondary server to 5.3

7) make on primary server 5.1 new  primary server 5.3 as a remote target for deployment

8) upgrade primary server 5.1 to 5.3

9) register it to current 5.3 primary server as a secondary one

10) promote secondary server as primary one

11) optionally return functions of log collector to primary one as we have right now

12) optionally patch both servers with the latest patch

 

Which one is more correct or they almost identical ones? i'm just confused a little bit with functions of log collector and afraid of not to lose previous logging info after upgrading

 

Thanks in advance

Everyone's tags (1)
3 REPLIES
New Member

any suggestions/thoughts?

any suggestions/thoughts?

The second veriont is more

The second veriont is more suitable,

*Before restoring ACS 5.1 database backup in ACS 5.3, you need to install ACS 5.3 patch 4 (or higher).

New Member

thank you for response

thank you for response.

actually i still not sure about the reason of promoting secondary server to primary in the second variant in the third line. what for is it? why cann't we as in the first variant immediately after degradating servers, upgrade the old second server?

and i didn't understand what for i need to  restore something according to your statement "*Before restoring ACS 5.1 database backup in ACS 5.3, you need to install ACS 5.3 patch 4 (or higher)."

and if i'm planning to upgrade servers with application bundle (NOT re-imaging), i didn't see the statement for restoring something as you wrote

or if i did as you said, would i restore log collector/monitoring and view database info? if yes, which command should i use? restore filename repository repository-name command?

BW

88
Views
0
Helpful
3
Replies
CreatePlease to create content