05-02-2014 04:15 AM - edited 03-10-2019 09:41 PM
Hi all, I am designing a new Cisco ACS deployment to handle AAA services for all our network devices. I have read the user guides and I understand the different deployment scenario's. However, what i could not find in the user guide, were answers to the questions below...
Number of AAA clients, using command authorisation, that a single ACS server can handle?
Does a Large Add-On license (for more than 500 nodes) need to be purchased for every ACS server, or does one license cover the whole deployment?
How is AAA load-balancing performed? Does each AAA server need to be defined individually on every Network device? Or is there some intelligence build in to the AAA servers so that they can distribute the load themselves? Or can a load balancer be used like you can with Cisco ISE PSN nodes?
Thanks
Mario
05-02-2014 04:29 AM
one other question I have just thought of is that for resilience, the two ACS servers will be physically dispersed.
Do the Primary & Secondary ACS servers need to be in the same broadcast domain for a successful failover to occur?
Thanks
Mario
05-02-2014 09:06 AM
ACS Server can be in diffrent subnets to form a Cluster.
The first configured Server on your switch will be used for authentication.
Horst
05-06-2014 04:08 AM
Thanks.
So every AAA server that I have in my ACS deployment will have to be explicitly configured on every NAD?
We cannot use load balancers? (like you can with the ISE for RADIUS authentications).
Thanks
Mario
05-03-2014 06:44 PM
Supported number of clients depends on License for example
The base license is required for all deployed software instances and for all appliances. The base license enables you to use all ACS functions except license-controlled features, and it enables standard centralized reporting features.
The base license:
The following are the types of base licenses:
05-06-2014 04:06 AM
Hi,
I knew all of that. I read that in the user guide too... what I asked was how many NADs can each ACS server handle? In other words, how do I know how many ACS servers I need in my deployment?
The other question was, to upgrade to unlimited NADs, do I have to buy an add-on license for every ACS server? Or do I just buy the one license and it gets installed on the primary configuration server which then covers the whole deployment?
Thanks
Mario
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: