07-12-2017 07:29 AM
Hi i need to migrate one of the old ACS 4.X to ISE 2.2
I am wondering if anyone guide me what sort of approach i need to take and how i be able to export and move devices partially to new ise.
we don't want to upgrade our ACS to migratable version so everything need to be migrated manually and partially.
Solved! Go to Solution.
07-12-2017 04:31 PM
Khalid
We have done one migration like this. Customer had two ACS 4.2 and we built up two ISE hardware appliances to replace their setup. It's been a little while - but my approach was to create a backup of the ACS config, and then build a lab ACS 4.2 system that I could perform all the data export. In the end I found that I had made too much work for myself because ACS 4.2 GUI does allow some rudimentary exporting of data (it's not immediately obvious - but there are some obscure hyperlinks on the GUI that then export things like Users (and I think NAS as well)). If you don't have a lot of static data like this then just rebuild it from scratch. We also found that we got rid of a lot of junk during that process (cleanup of old config that was no longer relevant)
You'll be better off creating all the AuthN/Z Policies from scratch.
So far I have not found anything that ISE 2.2 doesn't support (except the exporting of logging data to an SQL repository - one of my ACS 5.4 -> ISE migrations had this ( Monitoring Configuration > ... > System Configuration > Remote Database Settings) , but in the end the customer was happy to drop that requirement).
07-12-2017 12:52 PM
Please check Migrating CISCO ACS 4.2 to CISCO ISE 2.2 doubts
07-12-2017 04:31 PM
Khalid
We have done one migration like this. Customer had two ACS 4.2 and we built up two ISE hardware appliances to replace their setup. It's been a little while - but my approach was to create a backup of the ACS config, and then build a lab ACS 4.2 system that I could perform all the data export. In the end I found that I had made too much work for myself because ACS 4.2 GUI does allow some rudimentary exporting of data (it's not immediately obvious - but there are some obscure hyperlinks on the GUI that then export things like Users (and I think NAS as well)). If you don't have a lot of static data like this then just rebuild it from scratch. We also found that we got rid of a lot of junk during that process (cleanup of old config that was no longer relevant)
You'll be better off creating all the AuthN/Z Policies from scratch.
So far I have not found anything that ISE 2.2 doesn't support (except the exporting of logging data to an SQL repository - one of my ACS 5.4 -> ISE migrations had this ( Monitoring Configuration > ... > System Configuration > Remote Database Settings) , but in the end the customer was happy to drop that requirement).
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide