Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
465
Views
0
Helpful
2
Replies

Issue after ACS server migration

Jean Paul Enerst
Level 3
Level 3

‎09-16-2010 08:42 AM - edited ‎03-10-2019 05:24 PM

Hi All,

            We had that ACS VM server that was loosing PING from time to time, after a bunch of unsuccessful troubleshooting. We have decided to rebuild the vm machine and migrate ACS from backup to the new server.

So the new server is built and migration was okey. Both machine were runing at the same time with the same cert! No new cert issued yet for the new server. After a patch install, the new server is no longer received auth request(anything doesn't show in the pass/failed auth logs). But the old server still receive the request,but client,mainly laptop, can't authen(log showing supliant didn't respond correctly to ACS, check suppliant ) while BLACKBERRY still able to auth with the old server just fine! Certs for BB were imported from Clients.

My question is: Do i need a new cert for the new server or can the new server will still able to use the cert for the old server. BTW the name of the server and IP add were changed during the rebuild which making me think to issue new cert for the it(just comon sense)?

Thanks,

JPE

Labels:
0 Helpful
2 Replies 2

Javier Henderson
Level 4
Level 4

‎09-16-2010 09:18 AM

It is not clear whether the new server is at the old server's IP address or not.

If it is at a new IP address, have you changed the configuration on your AAA clients (routers, switches, wireless access points, etc.) so they use the new ACS server?

0 Helpful

Jean Paul Enerst
Level 3
Level 3
In response to Javier Henderson

‎09-16-2010 09:53 AM

All the IPs have been changed in all the device. Infact, all the device have the new server IP address as the primaire contact and the second server as a backup. It was working fine this way yesterday. The primary server got all the request and authicated all the client. According to the Server guys that build the server, it was a patch install yesterday evening and this patch suppose to get the new server OPERATIONAL. I don't really know what he means that operational.

Once again my question is, I do  i need a new cert for the server? Which I think makes sense,but I don't this is the only issue. With a cert issue, the server should still receive auth request,but all auth will fail with mentioned: auth fail during ssl handshake. But there is nothing in the logs, i triple check the log is enable!! For me this server does not receive the request come from the client!!

Thanks a bunch,

JPE

0 Helpful
Customers Also Viewed These Support Documents