Register Secondary ACS with Primary ACS 5.4 patch 6 and getting error
Scenario #1: prodacs1 and prodacs2 version 5.4 patch 6 with IP address of 10.1.1.1/24 and 10.1.1.2/24, respectively. Both prodacs1 and prodacs2 are running on VMWare ESXi 5.1. Both are sync'ed with Active Directory and authenticate users to manage Cisco routers and switches without any issues. prodacs1 is the Primary and prodacs2 is the Secondary. BOTH prodacs1 and prodacs2 USE THE SAME LICENSE. Both prodacs1 and prodacs2 are resolved in DNS for both forward and reverse lookup. In this production environment, everything is working as expected.
Scenario #2: NEW deployment in the lab labdacs1 and labacs2 version 5.4 patch 6 with IP address of 192.168.1.1/24 and 192.168.1.2/24, respectively. Both labacs1 and labacs2 are running on VMWare ESXi 5.1. Both are sync'ed with Active Directory. BOTH labacs1 and labacs2 USE THE SAME LICENSE as scenario #1. Both labacs1 and labacs2 are resolved in DNS for both forward and reverse lookup.
However, when I tried to add labacs2 into labacs1 so that labacs2 is the secondary and labacs1 to be the primary. From labacs2 interface: System Administration >Operations >Local Operations >Deployment Operations, I enter the hostname/IP address, username/password of labacs1, then I click on "Register with Primary", I get this message:
This System Failure occurred: server cannot be added to the deployment. Server has same License ID as server labacs1 that already exists in the deployment. Your changes have not been saved.Click OK to return to the list page.
Why is not working? Furthermore, why is it working in one environment but not the other with the same idetical ACS version & patch. Work in production environment but not other.
Anyone has run into this before? how do you fix this?
What type of license are you using in first deployment?
There are 2 type of licenses
Base license - Install a unique base license for each of the ACS secondary servers in the deployment.
Large Deployment add-on license - It allows a deployment to support more than 500 network devices. Only one Large Deployment license is required per deployment, as it is shared by all instances
Please check what type of license are you running in your deployment.
In order to fix issue in your 2nd deployment you need reset-application config on your secondary, install the new unique base license (based on show udi) and register it to primary node to get the configuration replicated.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...