cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1466
Views
0
Helpful
6
Replies

Cisco ACS 4.2 migration to ACS 5.4 advice

dan hale
Level 3
Level 3

Hello all, we are planning migrating off our ACS 4.2.0.124 ( non appliance ) to ACS 5.4. I'm looking for any advice or tips from anyone that has done the migration.

Is the migration tool intrusive or can it be run at anytime?

I thought about not using the migration tool and do a new install however we have a few hundred MAC address entered for a Mac authenticated SSID as well as about a 100 switches and routers for TACACS.

We have about a half dozen WIreless Controllers that use AAA with a mix of SSID's that are doing WPA2 with Mac authentication, LEAP, and, PEAP. We also use TACACS for routers and switches and AAA for anyconnect users.

Any advice on the migration process would be appreciated.

Thanks,

Dan

6 Replies 6

George Stefanick
VIP Alumni
VIP Alumni

It's just my 2 cents. It may be easier to rebuild the new 5.x from the ground up .. It's a great learning process. 5.x is so much different from 4.x . The time invested in the rebuild will help tremendously to get you started ..



Sent from Cisco Technical Support iPad App

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

I would not mind the ground up approach however, I have several MAC address in our old ACS server for MAC authentication. Seems like that would be a little bit of a headache to manually put those address in.

Thanks,

Dan

Hello Dan,

I've done the migration without using the migration tool. I had too many MAC addresses for MAB.

I used a CSV file to import the MAC addresses to the new ACS.

In the ACS 5.x you can prepar a CSV file (file format is downloadable from ACS itself after you install it) and put all your MAC Addresses (or IP addresses in case of TACACS+ AAA clients) and then the file can be imported to the ACS to add all the addresses (or users, machines...etc) listed in the file.

check the following links for more information:

http://tiny.cc/in1b1w

https://supportforums.cisco.com/docs/DOC-32606

HTH

Amjad

Rating useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"

Thanks Amjad, how did you export the data on the old ACS 4 server? Is there a another utiltiy that will grab the users/passwords that are in a paticular group?

Thanks,

Dan

Actually I managed to copy/paste from the ACS4.2 to the CSV file. The passwords will not be imported though so you have to reset the password for all users and let them change it.

If I were you I would have use the import utility to migrate users to keep the password then I will update the information of users (including group membership) via update template CSV file.

The migration I used before included few users that I could create on the spot and ask them to reset the password.  Most of the data were MAC addresses for MAC auth and IP addresses for TACACS+ AAA clients (switches, routers...etc).

If you have too many users then the migration tool is your friend to get them imported without having to reset the password.

It is also important that you read the migration guide before you use the utility. You'll find valuable information about what will be imported and how. What data will be maintained and what will not.

HTH

Amjad

Rating useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"

megnotleykun
Level 1
Level 1

 

Hi,

 

Recently i migrated from ACS 4.2 ( in windows) to ACS 5.4 ( in sns 3415) using Migration utility.  It was smooth migration, everything works except the log files in the .csv format were not migrated.

Please help me on how to migrate the log files.

 

 

 

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: