I'm willing to do the HA configuration between the two Managers and the two Servers? I had three concerns on this
1- CAM DNS mapping: if I do this locally on the CAM appliances, would I map the name to eth0 IP address or the eth1 IP address (where the cross over cable is connected).
2- I'm generating temporary certificates on the Primary CAS and l load them to the secondary but I get a failure. What is the purpose of the SSL certificate on the CAS?
3- I https into the service IP and I get to the primary CAM, when I add the service IP of the CAS It gives a message saying cannot add the server. (Note: previously I had the Primary CAM and CAS working fine, the system (CAS) went down only after adding the secondary CAS, but I still can access both CAS through https and ssh).
Re: Configuring HA on Cisco NAC (Cisco Clean Access)
1. For HA setups, the name should resolve to the Virtual IP address of the trusted side
2. SSL certs are used for all sorts of communications on the CAS and CAM. On the CAS it's used for HA, client communications and CAM/CAS communications.
3. You need to add the cert that you installed on both the CASs to the Trusted Certificate Authorities tab on the CAM. Do this on both CAMs. Also take the CAM cert and install that in the Trusted Certificate Authorities tab on both CASs. This is assuming you did self-signed certs on all devices.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...