Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACS SE 1111 3.x upgrade path to new 1112 4.x

Hi,

I have an existing ACS SE 1111 running 3.2(1) software and I just received a replacement appliance 1112 running version 4.x ACS software. I can't seem to find any information about upgrading from the older appliance to the new appliance. Is there a specific way to transfer my user/group/network device configurations to the new appliance?

Thanks,

Ray

5 REPLIES

Re: ACS SE 1111 3.x upgrade path to new 1112 4.x

You need to upgrade your existing version to v3.3.3, before jumping to v4.0.

The upgrade path will be:

1. Upgrade 3.2(1) to v3.3.3 (see Release Notes for Cisco Secure ACS Solution Engine 3.3.3 on Cisco.com)

http://www.cisco.com/en/US/partner/products/sw/secursw/ps5338/prod_release_note09186a0080451261.html#wp1119360

2. Upgrade 3.3.3 to 4.0:

http://www.cisco.com/en/US/partner/products/sw/secursw/ps5338/products_installation_guide_chapter09186a00805a2b09.html

It is recommended to backup all data before upgrading the unit.

Rgds,

AK

New Member

Re: ACS SE 1111 3.x upgrade path to new 1112 4.x

Thanks for the response AK. If I were upgrading from 3.2(1) on the same appliance your route would work but I am upgrading from one appliance running 3.2(1) to a new appliance running 4.0. Are you saying that I should upgrade my current appliance to 3.3.3 then 4.0 then transfer that data to the new appliance running 4.0? If so, can I upgrade my old appliance 1111 hardware to 4.0?

Thanks,

Ray

Re: ACS SE 1111 3.x upgrade path to new 1112 4.x

Hi Ray,

To allow you to copy/transfer config@configurations between ACS boxes, both of them need to have same code/version.

Since you already have new box running 4.x, but need to load it with current config in your older ACS 1111 unit, then I believed you need to do version upgrade (3.2.1 -> 3.3.3 -> 4.x) on the older box.

Maybe you can try to do a simple test by importing your current ACS config into the new box (performed backup in older box, and load the file into new box). I have tried this before using server-based ACS, and it doesn't work (as stated in doc).

Rgds,

AK

New Member

Re: ACS SE 1111 3.x upgrade path to new 1112 4.x

Curious if you have found the instructions in this thread to be true and have been through the process. I've just received a new SE and appear to be in the same situation after reading the documentation. Don't understand why we need to go through multiple steps and don't find any estimates of how long each of these might take.

You would think the new version would be able to convert the database from the older version as part of a migration.

We had hoped to minimize any outage by getting the database onto the new 4.0 version, making that the primary and then upgragding the SE with the 3.3 version at our leisure.

Anyone from Cisco care to comment on why this multi-step process makes sense from a customer outage perspective?

New Member

Re: ACS SE 1111 3.x upgrade path to new 1112 4.x

a.kiprawih is right, you need to upgrade your ACS 3.2(1) to ACS 4.0, then take a backup of it and restore it in new ACS 1112 ACS 4.0. The easiest way to accomplish it would be take a backup of ACS SE 1111 3.2(1), open a TAC case send your backup to TAC, get it upgraded to 4.0, they'll send you upgraded backup, restore it in ACS SE 1112 4.0 appliance, you are ready to roll. If you dont want to send your backup to TAC, create a test Win2000 server, install ACS 3.2(1), take a backup oif ACS SE 1111 3.2(1), restore it. Upgrade it to ACS 3.3(3) build 11 on Win2000, take a backup. Then again upgrade it to ACS 4.0 on Win2000, take this backup(Final one).

Configure your ACS SE 1112 4.0 basic setup, then restore the ACS 4.0 backup from Win2000, and make sure you have all your IP address and other stuff in place, you are good to roll.

NOTE : While uprading from ACS 3.3(3) build 11 to ACS 4.0 on Win2000 serer, you may hit a bug due to trailing spaces in NAS ip address defined on ACS server. Best way.. Open a TAC case.

Let me know if this helps :)

183
Views
0
Helpful
5
Replies