Hey all..
I currently have an ACS 5.x (5.2) install at 2 sites that is working properly for the most part.
What I think I want to do, is have my primary ACS and RSA servers at one site, and the replicas at a 2nd site. This is currently setup and working. The ACS instances look like they're replicating properly, as well as the RSA instances.
My question, is how does ACS handle failovers? If I lose connectivity from Site 1 to Site 2, how will ACS/RSA work locally for authentications at Site 2?
I would think that a device should be able to hit the ACS server locally (this would be the secondary instance), and the ACS server would then contact the RSA server to authenticate the user. But because the configured RSA server is at Site 1, it won't be able to. So I add a second RSA server under RSA Servers, then add that to the Identity store sequence, therefore, ACS will try to contact the Primary RSA first, fail, then try the 2nd RSA server?
I'm not sure if I'm being clear or not.. if not, please ask some questions and I'll try to be specific as possible.
I guess my main problem is understanding how this failover will work.
ACS 5.2
RSA 7.x
Thanks!