Showing results for 
Search instead for 
Did you mean: 

Database replications fails between the primary and secondary Cisco Secure ACS solution engine


Core issue

In this issue, the database replication fails between two ACS solution engines. These errors are seen or primary and secondary servers once the replication fails:

On Primary:

ACS "name" has denied replication request

On Secondary:

Inbound database replication from ACS "name" denied - shared secret mismatch

This issue occurs due to the wrong IP address on the Cisco Secure ACS solution engine.

At times, even though the correct IP address is configured during initial configuration, once the ACS SE is configured, the entry for the correct IP address disappears, which is not normal. Then you see an entry with the Appliance name with an IP address

If you only have one ACS SE and set this ACS SE for authentication, then everything works fine, but if you get replication to go to another ACS SE, then it does not work.  But sometimes it works for the first time in many cases.

Also, you cannot modify anything for the, and it always gives you the shared secret key mismatch error.


The resolution for this issue is to re-image the ACS SE and ensure that it does not get an IP address

Refer to these documents in order to accomplish this task:

Note: During re-image, ensure that ACS SE plugged into the network and that the administrator is connected to ACS SE with the console connection only.

Recognize Your Peers
Content for Community-Ad