I have an existing ACS SE 1111 running 3.2(1) software and I just received a replacement appliance 1112 running version 4.x ACS software. I can't seem to find any information about upgrading from the older appliance to the new appliance. Is there a specific way to transfer my user/group/network device configurations to the new appliance?
Thanks for the response AK. If I were upgrading from 3.2(1) on the same appliance your route would work but I am upgrading from one appliance running 3.2(1) to a new appliance running 4.0. Are you saying that I should upgrade my current appliance to 3.3.3 then 4.0 then transfer that data to the new appliance running 4.0? If so, can I upgrade my old appliance 1111 hardware to 4.0?
To allow you to copy/transfer config@configurations between ACS boxes, both of them need to have same code/version.
Since you already have new box running 4.x, but need to load it with current config in your older ACS 1111 unit, then I believed you need to do version upgrade (3.2.1 -> 3.3.3 -> 4.x) on the older box.
Maybe you can try to do a simple test by importing your current ACS config into the new box (performed backup in older box, and load the file into new box). I have tried this before using server-based ACS, and it doesn't work (as stated in doc).
Curious if you have found the instructions in this thread to be true and have been through the process. I've just received a new SE and appear to be in the same situation after reading the documentation. Don't understand why we need to go through multiple steps and don't find any estimates of how long each of these might take.
You would think the new version would be able to convert the database from the older version as part of a migration.
We had hoped to minimize any outage by getting the database onto the new 4.0 version, making that the primary and then upgragding the SE with the 3.3 version at our leisure.
Anyone from Cisco care to comment on why this multi-step process makes sense from a customer outage perspective?
a.kiprawih is right, you need to upgrade your ACS 3.2(1) to ACS 4.0, then take a backup of it and restore it in new ACS 1112 ACS 4.0. The easiest way to accomplish it would be take a backup of ACS SE 1111 3.2(1), open a TAC case send your backup to TAC, get it upgraded to 4.0, they'll send you upgraded backup, restore it in ACS SE 1112 4.0 appliance, you are ready to roll. If you dont want to send your backup to TAC, create a test Win2000 server, install ACS 3.2(1), take a backup oif ACS SE 1111 3.2(1), restore it. Upgrade it to ACS 3.3(3) build 11 on Win2000, take a backup. Then again upgrade it to ACS 4.0 on Win2000, take this backup(Final one).
Configure your ACS SE 1112 4.0 basic setup, then restore the ACS 4.0 backup from Win2000, and make sure you have all your IP address and other stuff in place, you are good to roll.
NOTE : While uprading from ACS 3.3(3) build 11 to ACS 4.0 on Win2000 serer, you may hit a bug due to trailing spaces in NAS ip address defined on ACS server. Best way.. Open a TAC case.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...