cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
262
Views
0
Helpful
5
Replies

Cisco ACS questions for new deployment

marioderosa2008
Level 1
Level 1

Hi all, I am designing a new Cisco ACS deployment to handle AAA services for all our network devices. I have read the user guides and I understand the different deployment scenario's. However, what i could not find in the user guide, were answers to the questions below...

Number of AAA clients, using command authorisation, that a single ACS server can handle?

Does a Large Add-On license (for more than 500 nodes) need to be purchased for every ACS server, or does one license cover the whole deployment?

How is AAA load-balancing performed? Does each AAA server need to be defined individually on every Network device? Or is there some intelligence build in to the AAA servers so that they can distribute the load themselves? Or can a load balancer be used like you can with Cisco ISE PSN nodes?

Thanks

 

Mario

5 Replies 5

marioderosa2008
Level 1
Level 1

one other question I have just thought of is that for resilience, the two ACS servers will be physically dispersed.

Do the Primary & Secondary ACS servers need to be in the same broadcast domain for a successful failover to occur?

Thanks

Mario

ACS Server can be in diffrent subnets to form a Cluster.

The first configured Server on your switch will be used for authentication.

 

Horst

Thanks.

So every AAA server that I have in my ACS deployment will have to be explicitly configured on every NAD?

We cannot use load balancers? (like you can with the ISE for RADIUS authentications).

 

Thanks

 

Mario

Ravi Singh
Level 7
Level 7

Supported number of clients depends on License for example

The base license is required for all deployed software instances and for all appliances. The base license enables you to use all ACS functions except license-controlled features, and it enables standard centralized reporting features.

The base license:

  • Is required for all primary and secondary ACS instances.
  • Is required for all appliances.
  • Supports deployments that have a maximum of 500 NADs.

The following are the types of base licenses:

  • Permanent—Does not have an expiration date. Supports deployments that have a maximum of 500 NADs.
  • Evaluation—Expires 90 days from the time the license is issued. Supports deployments that have a maximum of 50 NADs.

 

Hi,

 

I knew all of that. I read that in the user guide too... what I asked was how many NADs can each ACS server handle? In other words, how do I know how many ACS servers I need in my deployment?

The other question was, to upgrade to unlimited NADs, do I have to buy an add-on license for every ACS server? Or do I just buy the one license and it gets installed on the primary configuration server which then covers the whole deployment?

 

Thanks

Mario

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: