We currently have an ACS SE 1112 version 22.214.171.124. Windows Active Directory is being used to authenticate users.
We have a new ACS (1113 running 126.96.36.199.5) that will be replacing this one.
Regarding the new install, do I need to install a new remote agent to use with Active Directory? Also, can I use the same IP address for the new ACS SE that is being used for the one that will be replaced? We didn't want to change our switch and router configs if it isn't necessary. If it's possible just to set up everything on the new ACS SE and then unplug the old one and plug in the new one.
I am new to ACS and was not around when it was originally set up so sorry if these are dumb questions!
It should work as long as you don't miss anything, and yes you are supposed to install an agent that matches the version you are running. You might want to go ahead and put the latest updates on the ACS before you put it into operation. The process is kind of different than other updates. You might want to read my other ACS posts. I recently killed one of my ACS boxes because I did not install the CSUPdate cumulative patch before installing the lastest patch of the same rev level. (i.e. read directions carefully). Make sure you do an FTP backup before updating the software. If anything goes wrong you could have to reimage the box. There were lots of bug fixes in the updates since 4.1.1.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...