Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Cisco ACS questions for new deployment

Hi all, I am designing a new Cisco ACS deployment to handle AAA services for all our network devices. I have read the user guides and I understand the different deployment scenario's. However, what i could not find in the user guide, were answers to the questions below...

Number of AAA clients, using command authorisation, that a single ACS server can handle?

Does a Large Add-On license (for more than 500 nodes) need to be purchased for every ACS server, or does one license cover the whole deployment?

How is AAA load-balancing performed? Does each AAA server need to be defined individually on every Network device? Or is there some intelligence build in to the AAA servers so that they can distribute the load themselves? Or can a load balancer be used like you can with Cisco ISE PSN nodes?

Thanks

 

Mario

5 REPLIES
New Member

one other question I have

one other question I have just thought of is that for resilience, the two ACS servers will be physically dispersed.

Do the Primary & Secondary ACS servers need to be in the same broadcast domain for a successful failover to occur?

Thanks

Mario

New Member

ACS Server can be in diffrent

ACS Server can be in diffrent subnets to form a Cluster.

The first configured Server on your switch will be used for authentication.

 

Horst

New Member

Thanks.So every AAA server

Thanks.

So every AAA server that I have in my ACS deployment will have to be explicitly configured on every NAD?

We cannot use load balancers? (like you can with the ISE for RADIUS authentications).

 

Thanks

 

Mario

Cisco Employee

Supported number of clients

Supported number of clients depends on License for example

The base license is required for all deployed software instances and for all appliances. The base license enables you to use all ACS functions except license-controlled features, and it enables standard centralized reporting features.

The base license:

  • Is required for all primary and secondary ACS instances.
  • Is required for all appliances.
  • Supports deployments that have a maximum of 500 NADs.

The following are the types of base licenses:

  • Permanent—Does not have an expiration date. Supports deployments that have a maximum of 500 NADs.
  • Evaluation—Expires 90 days from the time the license is issued. Supports deployments that have a maximum of 50 NADs.

 

New Member

Hi, I knew all of that. I

Hi,

 

I knew all of that. I read that in the user guide too... what I asked was how many NADs can each ACS server handle? In other words, how do I know how many ACS servers I need in my deployment?

The other question was, to upgrade to unlimited NADs, do I have to buy an add-on license for every ACS server? Or do I just buy the one license and it gets installed on the primary configuration server which then covers the whole deployment?

 

Thanks

Mario

53
Views
0
Helpful
5
Replies