The client is interested to deploy 2x new ACS 5.x and interested to setup split deployment between two ACS in two separate locations for load sharing, and configuration replication. At the same the client want an ability to make configuration changes on both ACS servers. According to Cisco ACS 5.x deployment notes all
Configurations must me make to a primary ACS servers and secondary servers will obtain configuration from the primary server which defeat the client requirements of the ability and capability to make changes to both server.
If I deploy two ACS servers in two different location as an independent servers, can I still replicate information between two servers? I know ACS 4.2 I can do replication between two servers.
Great question, this is the different between ACS 4 and ACS 5, before we were able to choose what configurations were owned by which ACS server, in ACS 5 that behavior has changed. When you join an ACS node as a secondary server you will only have read-only access since it grabs its current configuration from the primary node it is registered to.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...