cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1827
Views
0
Helpful
12
Replies

ACS-TACACS 4.2 upgrade to 5.2

JOE FOLEY
Level 1
Level 1

        Hello everyone, we currrent run the ACS Services on an IBM 346 standalone server runnig Windows 2008 server 32bit and would like to upgrade to 5.2 We have another  spare identical IBM box and would like to use it if we can. Has anyone had any issues going from 4.2 to 5.2 with an intermediate upgrade?

Is 5.2 my best bet?

Thanks!        

1 Accepted Solution

Accepted Solutions

ACS  5.4 does not support the auto installation of evaluation license.  Therefore, if you need an evaluation version of ACS 5.4, then you need  to obtain the evaluation license from Cisco.com and install ACS 5.4 manually.

If  you do not have a valid SAS contract with any of the ACS products, you  will not be able to download the ISO image from Cisco.com. In such case,  you need to contact your local partner or the cisco representative to  get the ISO image.

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.4/release/notes/acs_54_rn.html

Jatin Katyal
- Do rate helpful posts -

~Jatin

View solution in original post

12 Replies 12

Jatin Katyal
Cisco Employee
Cisco Employee

The best bet would be ACS 5.4

Migration from 4.x to 5.4

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.4/user/guide/migrate.html

ACS 5.4 Migration Utility Support

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.4/migration/guide/Migration_support.html

NOTE: Make sure we don't use RDP for the migration process.

Jatin Katyal
- Do rate helpful posts -

~Jatin

Thanks so much this is very clear and consise. I have a standalone box loaded with esxi 5.1.0 and have a temp license from Cisco for the ISO.   I have searched around looking for the VmWare ISO download for ACS 5.4, any clue where to point me?

Thanks again

ACS  5.4 does not support the auto installation of evaluation license.  Therefore, if you need an evaluation version of ACS 5.4, then you need  to obtain the evaluation license from Cisco.com and install ACS 5.4 manually.

If  you do not have a valid SAS contract with any of the ACS products, you  will not be able to download the ISO image from Cisco.com. In such case,  you need to contact your local partner or the cisco representative to  get the ISO image.

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.4/release/notes/acs_54_rn.html

Jatin Katyal
- Do rate helpful posts -

~Jatin

I do have the evaluation license from Cisco - downloaded today........I do have the a valid SAS contract and got the license already, I just need to load the ACS 5.4 , cant find that ISO anywhere, is that where my partner comes in?

sorry if I sound confused...

You may download it from here:  http://tools.cisco.com/squish/2B932

Provided you have rights to download it. In case you don't then partner or cisco accounts team will come in picture.

Path

Downloads Home

Products

Security

Access Control and Policy

Policy and Access Management

Cisco Secure Access Control System

Cisco Secure Access Control System 5.4

Secure Access Control System Software-5.4.0.46.0

Let me know if that helps.

Jatin Katyal

- Do rate helpful posts -

~Jatin

Are you able to download the ISO image from the suggested link/path.

Jatin Katyal
- Do rate helpful posts -

~Jatin

Trying now....

No Go....got to go see the boss, I know we have support, its probably just the contract number I am missing...will let you know how I make out....thanks for being there....really, you have been a big help!!!!!

Thanks,

Joe

Hi Jatin , I know its been a while, but I was able to get most of the peices in place to test out a migration. What I have to date is a pair IBM3650 servers each with 6GB of ram and 146GB HDD...on one I have loaded the 32 bit version of W2K8 and have my current version of TACACS (4.2.0.124) loaded, and restored a backup of the primary server, all up and running, verified is a copy of the Primary ...this wil be used as the "migration" server as depicted in the Cisco documents regarding the migration utility.

Windows FW  has been disabled and no AV is present

On the second box I have VM ESXi 5.1 loaded and have also got the TACACS 5.4 version loaded as a guest.

each of these boxes are currently on the same test network with the VM Mangement being on a seperate network.

the documents state that the migration uitility should be downloaded and run from the "migration server" which I have done but fails stating the following:

Connecting to ACS5.x please wait...

Unable to connect to ACS 5.x to begin Import. Please ensure that:
1. Migration interface is enabled in the ACS 5.x server with command acs config-
web-interface migration enable .
2. ACS 5.x services are running.
3. ACS 5.x username and password are correct.
4. ACS 5.x has a compatible license installed.

Now I have checked what I can as below

#1 checked the command on the TACACS Guest shows its running "migration interface enabled"

also shows ucp interface is disabled and view interface is disabled

#2 No show services command so I cant tell for sure

#3 username is present as is in the Migration Server and visable in the web browser but not in the CLI

# License installed ( we purchased one in the time since our last conversation )

Any help is appreciated when ever you have time or if you can just point me to a proper document.....have done so much reading its all turning to gray now.....thanks so much

Message was edited by: JOE FOLEY Sorry Jatin I originally typed Justin...my bad....apologies!

Moved my migration server from WIN2K8 to WIN2K3 and the migration tool worked.....now there is the learning curve for the new ACS 5.4....oh well....thanks again for the help!

Sorry Joe, I couldn't reply on time as was busy on lots of other stuff. Good to know it worked for you.

Have a great day!!!

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin