Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACS Problem

Hi

I have 2 ACS SE 4.1 servers implemented to perform redundancy to client's authentication.

The problem that I have is:

I configured the 2 engines with IP addresses and also internal DB replication so the Primary ACS send replication data to the Secondary ACS as follow.

ACS_PRI: (Self):10.10.1.10 and I added the Secondary ACS as an AAA server to the ACS PRI AAA table with the Address 10.10.1.11.

ACS_SEC: (Self):10.10.1.11 and I added the Primary ACS as an AAA server to the ACS SEC AAA table with the Address 10.10.1.10.

For the first time all operations seem operational but when I shutdown the ACS servers for a while, I note that the AAA servers table is changed and clients cannot authenticate.

After booting the ACS servers the AAA servers Tables are as follow:

In the Primary ACS: (self):127.0.0.1

DELIVRANCE1:10.10.1.10

ACS_SEC :10.10.1.11

In the Secondary ACS: ACS_SEC:10.10.1.11

DELIVRANCE1:10.10.1.10

Before shutting down ACS servers AAA servers' tables were:

In the Primary ACS: (self): 10.10.1.10

ACS_SEC:10.10.1.11

In the Secondary ACS: (self):10.10.1.11

ACS_PRI:10.10.1.10

Thanks for your assistance

Ismail

1 REPLY

Re: ACS Problem

Ismail,

Pri acs

Go to acs---> Network configuration---->Proxy dis table--->default---->Make sure DELIVRANCE1 is in forward to box

Regards,

~JG

Go to acs---> Network configuration---->Proxy dis table--->default---->Make sure DELIVRANCE1 is in forward to box

212
Views
0
Helpful
1
Replies