Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Replication Issues

I am currently running 3.3 and TAC will not support it. I am working to upgrade to 4.2 soon (software has been sitting around for 2 years from my predecessor). My big issue that can't wait until the upgrade is:


Anytime I replicate from my Primary server, it will change any Juniper BXR devices' "authenticate using" from Juniper to Marconi. I have to go in and manually change all of them back after a replication. So I turned auto-replicate off, but in prepping for the upgrade (organizing groups, cleaning up users, correcting permissions etc.) Its causing a lot of problems.


Anyone have a clue?

Ryan

Everyone's tags (1)
6 REPLIES
Cisco Employee

Re: Replication Issues

This suggests a database corruption issue. Do you have a spare ACS server where you can restore a current backup from the production server,

and test?


Also, which ACS is changing the authentication type, the primary or the secondary?

New Member

Re: Replication Issues

This suggests a database corruption issue. Do you have a spare ACS server where you can restore a current backup from the production server,

and test?

We have multiple sites (6 servers). The primary will replicate to them and I make all changes on the primary. The error only occurs on 2-3 of the secondary servers.


Also, which ACS is changing the authentication type, the primary or the secondary?

Secondary

Cisco Employee

Re: Replication Issues

Two thoughts come to mind:

Re-image the affected secondaries

Restore on the affected secondaries a backup from one of the not-affected secondaries

The idea here is to start with a known good database, either empty or from an ACS without the problem.

New Member

Re: Replication Issues

Ok, corruption issue and re-imaging makes sense. I've never done that and upgrading is going to be my first attempt with a server. I was hoping upgrading would fix it anyway...

Is there a way to login (web) and overwrite the secondary with a good secondary or the primary? Do I have to go through the entire "reformat" the appliance (not sure if I mentioned it the appliance not a windows server) to accomplish this? Or is there another way?

Thanks again,

Ryan

Cisco Employee

Re: Replication Issues

Restoring a backup from one of the known good secondaries can be done entirely via the GUI, you just need an FTP server as the repository for the backup saveset.

Re-imaging the appliance requires physical access to it.

New Member

Re: Replication Issues

Ok, sorry for the delay. I upgraded all of the servers and am still having the replication issue. I was able to dig up some info on it though. I found that if the VSA's under Interface Configuration do not match...then it will cause my issue. On one bad server I was missing a VSA (Marconi) and the other has all of the primaries but is in a different order. Apparently it checks by slot. So if a VSA is in a slot that that it expects to dind say Laurel but finds Marconi...it will change the "authenticate using" box in the NDG devices. I was able to add the missing VSA to the one....but cannot figure out how to change the order. When I added the VSA to the one having missing issues....it put it in the middle of the order...so no rhyme or reason.

I was wanting to try deleting them all and then red-adding them...but knowing it puts them in a random (so it appears to me) I don't think it will help. Our Cisco rep said the GUI display of the order is not accurate anyway. He said the actual slot order is in the database...which I don't know how to see. I know you can change the slot number in the CSV when you add a device....but I don't know the numbering scheme for the slots. Cisco said 1-10 is taken by default?

Help?
280
Views
0
Helpful
6
Replies
CreatePlease to create content