Hi all, I am designing a new Cisco ACS deployment to handle AAA services for all our network devices. I have read the user guides and I understand the different deployment scenario's. However, what i could not find in the user guide, were answers to the questions below...
Number of AAA clients, using command authorisation, that a single ACS server can handle?
Does a Large Add-On license (for more than 500 nodes) need to be purchased for every ACS server, or does one license cover the whole deployment?
How is AAA load-balancing performed? Does each AAA server need to be defined individually on every Network device? Or is there some intelligence build in to the AAA servers so that they can distribute the load themselves? Or can a load balancer be used like you can with Cisco ISE PSN nodes?
Supported number of clients depends on License for example
The base license is required for all deployed software instances and for all appliances. The base license enables you to use all ACS functions except license-controlled features, and it enables standard centralized reporting features.
The base license:
Is required for all primary and secondary ACS instances.
Is required for all appliances.
Supports deployments that have a maximum of 500 NADs.
The following are the types of base licenses:
Permanent—Does not have an expiration date. Supports deployments that have a maximum of 500 NADs.
Evaluation—Expires 90 days from the time the license is issued. Supports deployments that have a maximum of 50 NADs.
I knew all of that. I read that in the user guide too... what I asked was how many NADs can each ACS server handle? In other words, how do I know how many ACS servers I need in my deployment?
The other question was, to upgrade to unlimited NADs, do I have to buy an add-on license for every ACS server? Or do I just buy the one license and it gets installed on the primary configuration server which then covers the whole deployment?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...