A customer of mine is currently dual homed to one single provider with multiple local routers. We are load sharing using local preference in BGP. I was reading about Optimized Edge Routing (PfR) and would like to solicit some input regarding this technology. From what I have gathered with OER, you must define a master controller and define policies for your application traffic. If your traffic remains within the policies, you will utilize the best path detrmined by the routing protocol. If your traffic falls out of policy, the master controller will inject routes or PBR entries to utilize the secondary link until all traffic falls back within the defined policy. Depending on your traffic patterns and your defined policies, the primary link could be used 100% of the time with the secondary link being idle if all traffic falls within the policies. I understand that this may work well for real time applications like voice and video but I do not see the benefit for my customer. With the current setup, we are utilizing both links all the time. Has anyone deployed this technology and can you provide some benefits it has over other traditional load sharing techniques? Regards ... View more

Hello, A client of mine is currently running ACS 2.6 on a Windows NT server. They have configured the Unknow User Policy to check the local Windows Database for any users that are not found in the ACS internal database. Is there any way to import their password from the Windows external database to the ACS internal database? What I have read below seems to tell me that this is not possible. CiscoSecure ACS does not import passwords for a discovered user; rather, CiscoSecure ACS creates the user account with the Password Authentication list set to the external user database that originally authenticated the user. I know another option is to use the RDBMS Synchronization but it looks to me like if I were to add the password I would need to add it manually for each user. Regards ... View more