Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Secure ACS Appliance and Remote Agents

Hi,

we are testing Secure ACS 3.2 Appliance and authentication against AD via remote agents. When two ore more remote agents are registered with the appliance from the network menu, is the Appliance intelligent enough to try the second remote agent machine if it cannot talk to the first one? We tested this failover by stopping the remote agent service on the first domain controller where it was installed. However, failover does not seem to be happening... We want to know if this failover is supposed to work, and if so what we may need to do to make it work.

Yoshi Nagase

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: Secure ACS Appliance and Remote Agents

HI,

I'm implementing a solution similar to yours...2 Appliance ACS with 2 remote Agent...

I've defined the remote agents both on Network Configuration and on External user DB - Windows database - Windows remote Agent Selection.

On this menu set Primary and Secondary remote Agent

Hth

Omar

6 REPLIES
Silver

Re: Secure ACS Appliance and Remote Agents

New Member

Re: Secure ACS Appliance and Remote Agents

Thanks a lot for your response!

I went through the user guide (not cover to cover), but could not find where failover of remote agents was discussed. Can you let me know which section discusses this topic?

Best Regards,

Yoshi Nagase

New Member

Re: Secure ACS Appliance and Remote Agents

HI,

I'm implementing a solution similar to yours...2 Appliance ACS with 2 remote Agent...

I've defined the remote agents both on Network Configuration and on External user DB - Windows database - Windows remote Agent Selection.

On this menu set Primary and Secondary remote Agent

Hth

Omar

New Member

Re: Secure ACS Appliance and Remote Agents

Omar,

thank you very much for the information! This looks very promising. I will try this tomorrow. Is fault tolerance configuration working for you? Are you specifying multiple configuration providers in the ini file for remote agent?

Regards,

Yoshi

New Member

Re: Secure ACS Appliance and Remote Agents

HI,

I'm trying to implement...I hope it will work.

You can configure only one Configuration Provider in the ini file.

If you have 2 RA and 2 ACSs the first RA will use as Configuration Provider the first ACS and so on...but for WinAuthentication setup on ACS the RA both on network Config and on External DB Windows Remote Agent Selection so that you should benefit for taulerance

New Member

Re: Secure ACS Appliance and Remote Agents

Omar,

thank you very much for sharing the information. I have finally tested the failover, both from AP to 2 ACSes, and from ACSes to RA's, and they are working well now.

Best Regards,

Yoshi

160
Views
0
Helpful
6
Replies
CreatePlease login to create content