I have a problem replicating the ACS database through an FWSM blade. The primary ACS is under a Mgmt zone in the FWSM. A secondary one, located in the same zone, receives replication with no problems. All others that sit outside the Mgmt zone do not receive replication. TCP 2000, required for replication, is open along the path. I can see the sessions initiated on the FWSM through CSM, but these sessions expire after the replication timeout and are closed by the FWSM. No trace of connections reaching the secondary ACSes appears in the Database replication log of the receiving ACSes. Any caveats on this issue? NAT shouldn't be an issue here since no NAT is performed along the path. Any ideas?
Cisco Secure Access Control Server (ACS) is a powerful tool that allows network administrators to centrally manage AAA (authentication, authorization, and accounting) on a wide range of Cisco devices. You can deploy an ACS server in a standalone configuration or in a redundant topology. In order to provide failover capability, two or more ACS machines share database components at preconfigured times.
Refer to the following URL for more information on "Secure ACS Database Replication Configuration":
We have configured the outside and inside interfaces with official IPv6 addresses, set a default route on the outside interface to our router, and we have also defined a rule, which also gets hits, to permit TCP from the inside interface to any6.
In Syslog I also se...