03-27-2008 01:31 PM - edited 03-10-2019 03:45 PM
A while back, we had some issues with our ACS servers running on VMware ESX. We've since upgraded ESX to 3.5 and I was wondering if there are any further problems?
We're running ACS 4.1.(1) Build 23 Patch 3 on ESX 3.5.
The reason I ask is because we're in the process of bringing Cisco Works LMS 3.0.1 online in parallel with our 2.6 and are having some issues integrating with ACS.
When LMS does the Verification process we get the following:
Primary ACS Verification Status (acs1)
Tacacs+ Connectivity : Reachable
HTTP/HTTPS Connectivity : Reachable
AAA Client : Not Configured
Secret Key Verification : Not Applicable
System Identity User : Not Applicable
Secondary ACS Verification Status (acs2)
Tacacs+ Connectivity : Reachable
HTTP/HTTPS Connectivity : Reachable
AAA Client : Not Configured
Secret Key Verification : Not Applicable
System Identity User : Not Applicable
Tertiary ACS Verification Status ( acs3 )
Tacacs+ Connectivity : Reachable
HTTP/HTTPS Connectivity : Reachable
AAA Client : Configured
Secret Key Verification : Success
System Identity User : Not configured properly for - (cwhp,cwportal,CiscoView,rme,CM,dfm)
ACS 1 and 2 are both running on VMWare ESX 3.5 servers
ACS 3 is on real hardware
ACS1 replicates down to 2 & 3 but not vice versa.
When we were on an older version of ESX we had problems running jobs, so we moved our current LMS 2.6 install to ACS3. However, ACS 1 and 2 both have the CW information registered.
Any thoughts as to what the problem could be? Are there still issues with CW and ACS while ACS is running on VMWare ESX?
03-27-2008 01:52 PM
I am running VMWare ESX 3.5 on a Dell 1850 dual Xeon processors with 12GB RAM.
On the ESX Servers, I am running Checkpoint Provider-1 NGx R65 as an instance.
I also have another instance of Win2003 SP2 and I have ACS 4.1(1) build 23 patch 3.
I have another instance of Win2003 SP2 running RSA SecurID.
I have another instance of Redhat Linux ES 3 running Steelbelt radius.
All the integration works fine with VMWare ESX.
I think the integration you have has to do with Cisco Products integration and not VMWare ESX.
CCIE Security
03-31-2008 12:56 PM
When I go through the integration piece, LMS checks the credentials, NDG, Local admin etc. However, when it runs this check against an ACS server on VMWare it fails 90% of the time. However, when I run against an ACS server on real hardware, it succeeds 98% of the time.
Any assistance would be very helpful.
simon