Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1431
Views
0
Helpful
2
Replies

ACS 5.2 design issues

Go to solution
jennyjohn
Level 1
Level 1

‎07-24-2011 05:39 AM - edited ‎03-10-2019 06:14 PM

Is it possible to have my network run ACS 5.2 Appliance (CSACS-1121-K9) as primary and a ACS 5.2 VMWare (CSACS-5.2-VM-K9) Server as Secondary? Will I have any base license issues?

Else if I am intend to run ACS 5.2 VMWare Servers are my primary and secondary. Should I purchase 1 or 2 VMWare Software(s) (CSACS-5.2-VM-K9)??

we are currently having a ACS 4.2 Appliance on a 1113 platform, is there any upgrade option to ACS 5.2 Appliance or ACS 5.2 VMWare Server? The Ordering Guide says there are upgrade options like, CSACS-1121-UP-K9 & CSACS-5.2-VM-UP-K9 to upgrade from previous versions. But the Migration Document, says that the ACS4.x appliance has to be backup and restored to a ACS4.x windows server before migration. That does not seem like a easy migration. Is there any other solution?

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.2/migration/guide/Migration_support.html#wp1016086

Is the new ISE product better for AAA/TACACS+ or should I have a seperate ACS for AAA?

Thanks in advance.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Tarik Admani
VIP Alumni
VIP Alumni

‎07-24-2011 11:07 AM

Jenny,

Here are the answer to your questions:

Is it possible to have my network run ACS 5.2 Appliance (CSACS-1121-K9)  as primary and a ACS 5.2 VMWare (CSACS-5.2-VM-K9) Server as Secondary?

Yes

Will I have any base license issues?

No

Else if I am intend to run ACS 5.2 VMWare Servers are my primary and  secondary. Should I purchase 1 or 2 VMWare Software(s)  (CSACS-5.2-VM-K9)??

This is just sku which included another license that you purchase. You do not purchase the software from us, only licensing. You can most likey download the software from the cisco site.

we are currently having a ACS 4.2 Appliance on a 1113 platform, is there  any upgrade option to ACS 5.2 Appliance or ACS 5.2 VMWare Server?

You answered your question on this one, there is a migration process involved that converts your old 4.2 database to 5.2, keep mind that the migration only migrates the tough pieces such as: network devices, network device groups, internal users, ldap database configurations, shell command sets, just to name a few. You will have to reconfigure the authorization policies since acs 5.2 takes on a different model than acs 4.x.

But the Migration Document, says that the ACS4.x appliance has to be  backup and restored to a ACS4.x windows server before migration. That  does not seem like a easy migration. Is there any other solution?

This isnt a bad solution all you have to do is deploy another windows server just to run acs for windows on, then you use vnc to walk through the migration process. You will have to open a tac case for someone to publish the install files and the patches to get you on the same version.

Is the new ISE product better for AAA/TACACS+ or should I have a seperate ACS for AAA?

ISE is a new product that only migrates databases 5.x. Right now ISE 1.0 doesnt have tacacs support.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Tarik Admani
VIP Alumni
VIP Alumni

‎07-24-2011 11:07 AM

Jenny,

Here are the answer to your questions:

Is it possible to have my network run ACS 5.2 Appliance (CSACS-1121-K9)  as primary and a ACS 5.2 VMWare (CSACS-5.2-VM-K9) Server as Secondary?

Yes

Will I have any base license issues?

No

Else if I am intend to run ACS 5.2 VMWare Servers are my primary and  secondary. Should I purchase 1 or 2 VMWare Software(s)  (CSACS-5.2-VM-K9)??

This is just sku which included another license that you purchase. You do not purchase the software from us, only licensing. You can most likey download the software from the cisco site.

we are currently having a ACS 4.2 Appliance on a 1113 platform, is there  any upgrade option to ACS 5.2 Appliance or ACS 5.2 VMWare Server?

You answered your question on this one, there is a migration process involved that converts your old 4.2 database to 5.2, keep mind that the migration only migrates the tough pieces such as: network devices, network device groups, internal users, ldap database configurations, shell command sets, just to name a few. You will have to reconfigure the authorization policies since acs 5.2 takes on a different model than acs 4.x.

But the Migration Document, says that the ACS4.x appliance has to be  backup and restored to a ACS4.x windows server before migration. That  does not seem like a easy migration. Is there any other solution?

This isnt a bad solution all you have to do is deploy another windows server just to run acs for windows on, then you use vnc to walk through the migration process. You will have to open a tac case for someone to publish the install files and the patches to get you on the same version.

Is the new ISE product better for AAA/TACACS+ or should I have a seperate ACS for AAA?

ISE is a new product that only migrates databases 5.x. Right now ISE 1.0 doesnt have tacacs support.

0 Helpful

Go to solution
jennyjohn
Level 1
Level 1
In response to Tarik Admani

‎07-24-2011 11:02 PM

Thanks Tarik, it was very helpful and informative.

0 Helpful
Customers Also Viewed These Support Documents