ACS Network Devices and AAA Clients

tomyip · ‎11-25-2015

In ACS 5.8, is there a limit on the number of entries in the Network Devices and AAA Clients page?

Ivan Gonzalez · ‎11-26-2015

Hi Tom,

Yes, there is a limit of 100000 network devices that ACS supports:

http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_system/5-8/release/notes/acs_58_rn.html#pgfId-435175

Note: Please mark as answered if applicable.

RUEDIGER SCHNEIDER · ‎12-22-2015

Is there a limit of 100,000 network devices (that means, every network device for exmple can include a lot of IP subnets) or ist there a limit of 100,000 IP-Addresses for the clients?

Regards

Ruediger

Ivan Gonzalez · ‎12-22-2015

Hi Ruediger,

This limit is for 100,000 AAA clients ( devices that will be using ACS as radius server, for example IOS devices, ASAs NX-OS etc ) you are able to create AAA clients using subnets ( if you use a subnet all IP addresses on that subnet will be counted for the 100,000 Network device limit ).

I hope this helps to clarify your concerns.

RUEDIGER SCHNEIDER · ‎12-23-2015

But I can configure a network device with with a IP subnet 192.0.0.0/8 (more than 16,000,000 clients) and everything still works ...

regards

Ruediger

Ivan Gonzalez · ‎12-23-2015

Hello Ruedier,

It might work for you, but I do not think ACS will be able to handle authentication request for 16,000,000, and additional to this, it is documented the ACS deployment limit is 100,000, hence 16,000,000 AAA clients would be an unsupported environment.

Nadav · ‎11-30-2015

Just adding one point to ivan's correct answer: The number of AAA clients is also subject to the licensing of your ACS instance. For 500 AAA clients and above you'll need a large deployment add-on license in addition to the base license.