Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2089
Views
0
Helpful
5
Replies

ACS Appliance 4.2 - Internal database replication Problem

Go to solution
yunchouljung
Level 1
Level 1

‎05-18-2009 02:05 AM - edited ‎03-10-2019 04:29 PM

hellow

i'm yunchoul jung in korea

now i'm configuring ACS Appliace 1113 ver4.2

in internal database replication, Primary and secondary ACS server can not repliacate the database because of the default SELF(127.0.0.1) configuration in network configuration.

so i have a guestion how i can replace 127.0.0.1 address to the desired ip address or delete the SELF(127.0.0.1) address

i dont understand a solution procedure in the bellow documentation .

thanks for your help in advance

Problem: 127.0.0.1 is a reserved address

You have two units of ACS SE 1113 and want to replicate the internal database from primary to secondary,

but you notice this error message in the secondary unit:

Inbound database replication from ACS <secondary ACS unit name> denied - shared secret mismatch

When you try to modify the key of AAA Server Self under Network Configuration the error message is

returned.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jagdeep Gambhir
Level 10
Level 10

‎05-22-2009 07:09 AM

That is due to a known bug,

Symptom: 127.0.0.1 address appears in ACS and replication fails

Conditions:

Install S/W Acs version 4.2.0.124

*Disable Network Adapter

*Enable Network Adapter

*Navigate to Network Configuration page.

*Should see the AA server IP to be loop back one

Workaround:

For windows: remove the 127.0.0.1 entry

For appliance: backup the database, install ACS on windows, restore, remove

the entry, do a backup and restore it on the appliance

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?caller=pluginredirector&method=fetchBugDetails&bugId=CSCso39795

Regards,

~JG

Do rate helpful posts

View solution in original post

0 Helpful
5 Replies 5

Go to solution
wong34539
Level 6
Level 6

‎05-22-2009 06:03 AM

ACS does not support distributed deployments in a NAT environment. If a Primary or Secondary address is NAT-configured, the database replication file will indicate shared secret mismatch. Bidirectional replication, wherein an ACS sends database components to and receives database components from the same remote ACS, is not supported. Replication fails if an ACS is configured to replicate to and from the same ACS.

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/SCAdv.html#wp755988

0 Helpful

Go to solution
Jagdeep Gambhir
Level 10
Level 10

‎05-22-2009 07:09 AM

That is due to a known bug,

Symptom: 127.0.0.1 address appears in ACS and replication fails

Conditions:

Install S/W Acs version 4.2.0.124

*Disable Network Adapter

*Enable Network Adapter

*Navigate to Network Configuration page.

*Should see the AA server IP to be loop back one

Workaround:

For windows: remove the 127.0.0.1 entry

For appliance: backup the database, install ACS on windows, restore, remove

the entry, do a backup and restore it on the appliance

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?caller=pluginredirector&method=fetchBugDetails&bugId=CSCso39795

Regards,

~JG

Do rate helpful posts

0 Helpful

Go to solution
w.iqbal
Level 1
Level 1

‎05-26-2009 06:03 AM

if you want to give desired ip follow this.

1) Connect your acs cable with your system. like normal system connection , without connectivity i never found to change my ip.

2) in console enter

set ip (enter)

give ip ,subnet as it ask.

Done..

Bangash

pakistan

0 Helpful

Go to solution
MarekVanco_2
Level 1
Level 1

‎04-29-2011 10:55 AM

did you manage to resolve his issue? I ahve the same problem? was it a bug as stated above?

This is the version I'm running:

Cisco Secure ACS4.2.0.124
Appliance Management Software4.2.0.124
Appliance Base Image4.2.0.107

Message was edited by: MarekVanco

0 Helpful

Go to solution
Devashree Chakrabarti
Level 1
Level 1
In response to MarekVanco_2

‎05-02-2011 08:15 PM

Hello Marek

Yes, there is a know bug. You need to follow the workaround :

Workaround:

For windows: remove the 127.0.0.1 entry

For appliance: backup the database, install ACS on windows, restore, remove

the entry, do a backup and restore it on the appliance

thanks

Devashree

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents