Cisco AAA/Identity/Nac :: ACS 1121 / 5.3 - Remote Database Settings In Monitoring And Reporting
Mar 26, 2012
I am configuring new ACS 1121 appliance with version 5.3 and wanted to know how to configure Remote Database settings in ACS5.3 Is that necessary to configure that option ?
Also one more thing I can see that ACS 5.3 generates lots of logs is there any solution to reduce such logs. It seems many unuseful logs which are system related are getting logged into device which might no be good for memory requirements of device.
View 6 Replies
ADVERTISEMENT
Jan 31, 2011
I have not managed to get the Monitoring to work on the ACS 5.1. This is an eval version. Advanced monitoring and reporting is installed on the ACS. This is my configuration on the Cisco Router
aaa accounting exec default start-stop group tacacs+aaa accounting commands 0 default start-stop group tacacs+aaa accounting commands 1 default start-stop group tacacs+aaa accounting commands 15 default start-stop group tacacs+aaa accounting connection default start-stop group tacacs+
logging origin-id iplogging facility sysloglogging source-interface GigabitEthernet1/1logging host 1.1.1.1 transport udp port 20514
logging monitor informational
epm logging
On the ACS, when I open the dashboard --> ACS health -> I get Status not available.Global Instance under Logging Categories been configured for local logging?
View 4 Replies
View Related
Mar 26, 2012
I am trying to add ACS 1121 (ver 5.3) to monitoring and seems that MIB are missing. Need MIB for this device which I can use in monitoring tool.
View 1 Replies
View Related
Aug 13, 2012
I have 5 installations of ACS appliances (ACS 1121 running ACS 5.3). Is there a way to monitor them via SNMP? The AD client keeps dying on one of them, and even with the newest patch it's not up. Also, i want to monitor them up/down, CPU, memory... basic network monitoring to make sure my devices are healthy.
Any one know if that can be configured? I figured i'd ask here before opening a TAC.
View 2 Replies
View Related
Jun 16, 2010
Just installed ACS 5.0.0.21. Monitoring and reports database was working, but now is not. When trying to open, I get "Monitoring and reports database currently unavailable. Trying reconnect in 5 minutes." From CLI "sho application status acs" gives me the following:
ACS role: PRIMARY
Process 'database' runningProcess 'management' runningProcess 'runtime' runningProcess 'adclient' runningProcess 'view-database' runningProcess 'view-collector' runningProcess 'view-jobmanager' runningProcess 'view-alertmanager' running
Also, logs show nothing unusual.
View 6 Replies
View Related
May 26, 2013
Would like to check up either Microsoft SQL Express 2012 is able work with ACS 5.3 remote database?
View 5 Replies
View Related
Jan 10, 2013
1) How do you manage your inventory of network equipment from the time you receive a product into inventory to the time you decommission it?
2) How do you make aware the people who manage your network monitoring/reporting software that a device has been added/removed from the field?
2a) How do you notify the people who manage your network monitoring/reporting software of what is to be monitored on a new device in the field? Of a new interface that has been added/removed on an existing device?
2b) How quickly do you notify for 2/2a? i.e. minutes, hours, days, etc.
3) What types of interfaces and resources do you monitor on a network device?
View 3 Replies
View Related
May 16, 2011
I'd like to know if there is a way to exclude passed authentications for a specific username from reporting in the Authentications-TACACS and Authentications-RADIUS reports?
We have a few usernames that are used in scheduled jobs. We only need to know when they fail authentication, so we don't need to fill up the reports with every passed authentication from these accounts. Can this be done?
View 1 Replies
View Related
May 31, 2013
It's impossible to use acs 5.2 recovery DVD to cisco 1121 acs 5.1?
View 7 Replies
View Related
May 15, 2011
integrated the Cisco ACS 1121 with 5.1 and AD and been able to use multiple policies to permit or deny access to different NDG? I am able to authenticate agains AD but I am having an issue with getting the policies to use the user memberOf attribute to set access levels.
View 1 Replies
View Related
Jan 6, 2012
It has been more than a year since a customer bought a Cisco ACS 1121. It was unpacked then and the PAK is lost, no where to be found. Is there any way to retrive the lost PAK ?
View 19 Replies
View Related
Jun 7, 2013
I have a clarification related with ACS 1121. Client needs a solution for ACS feature, instead of investing on ISE Base, is there any model exists as ACS appliance only. I believe ACS 1121 is going to be EOS and it says SNS 3415 is the replacement model .
What I am confused is , It is an ISE as well as ACS and there is separate licensing for ISE (as base and advanced). What should i do , if i need to select SNS 3415 as ACS appliance ? is it built in or should i need to add anything extra ?
View 3 Replies
View Related
May 2, 2011
Newly shipped cisco ACS appliance 1121 has been shipped with ACS version 5.0 , I need to downgrade to ACS version 4.2,0 , I could not see recovery CD or DVD for acs 4.2 along with shipment , Is ACS 1121 appliance is comptaible to acs 4.2.0 version ? .
My ACS BOM details
CSACS-1121-K9
ACS 1121 Appliance With 5.1 SW And Base license
[code]....
View 2 Replies
View Related
Mar 27, 2011
how to configure LAN teaming in Cisco ACS 1121. My requirement is to have virtual IP in the server with two physical IPs in the available 2 interface in the server.
View 1 Replies
View Related
Aug 11, 2011
Is it possible to have Dual NIC on ACS v5.2 such as teaming or any else??
I am thinking of connecting the two NIC on the CSACS-1121-K9 appliance to two switches on the same network, but wondering if it will be possible or not.
View 1 Replies
View Related
Jun 3, 2012
I have an issue with applying a patch to an ACS 1121 appliance running version 5.2.0.26. I have 5 units that needed updating and the first one is the unit with the problem. The subsequent ones updated with no issues.
When I do a show version the 5.2.0.26.10 does not show. When I try to do a reinstall I get back patch all ready exists. When I try to do an uninstall I get back patch does not exist.
Is there a command can wipe out patch 10, so I can start over? The CLI factory-reset only wipes the web configuration not the running-config or IOS.
View 7 Replies
View Related
May 29, 2013
My customer has an ACS 1121 version 5.4. Now we want to install a secondary ACS 1121.
View 2 Replies
View Related
Oct 31, 2012
Im installing & configuring a new ACS 1121. Ive updated to version 5.3 with patch:This temporarily solves my Active Directory problem but i still would like to have the NTP server pointing to the same reference as the Active Directory.
View 1 Replies
View Related
Jan 11, 2012
I have to migrate two appliances ACS SE 1112 under 4.0.1 to new two appliances ACS SE 1121 under 5.2 version.I would like to clarify the procedure to do it by minimizing down time impact.I saw there are Migration Utility and Import Tool but do I need an Intermediate Windows Server to do this migration ?
View 1 Replies
View Related
Jun 20, 2012
I have an ACS Server 5.1 which is used to authenticate my cisco and non-cisco devices. however when I take report on my authentications, the time shown in the report is wrong. However, when I take my mouse pointer to the report , the correct time is highlighted.
View 4 Replies
View Related
May 29, 2013
We upgraded a CSACS-1121 from ACS 5.2 to ACS 5.4 with CLI Application upgrade ACS_5.4.0.46.0a.tar.gz FTP After ACS reboot, services never start... After 15 hours, we always get same message:
ACS/admin# show application status acs
Application initializing...
Status is not yet available.
Please check again in a minute.
We installed patch 5-4-0-46-2.tar.gpg but we got same issue for 2 hours ...What could I do?
View 4 Replies
View Related
Aug 21, 2012
We have 2 CSACS 1121 with Cisco ACS 5.2.0.26.10 The primary server manages 20000+ authentications per day. Its memory utilization increases everyday. It is now at 83% , there a limit?,What will happen when memory utilization reach this limit?,What can we do to purge memory utilization? (reboot, service restart.
View 11 Replies
View Related
Apr 13, 2011
Is it possible to edit the hosts file on an ACS 1121 server running ACS 5.2? Our problem is we have a single domain with multiple domain controllers at different sites. So when the ACS server tries connecting to the domain it randomly picks a domain controller which it can't connect to thus causing it to fail.
View 5 Replies
View Related
Jun 4, 2011
I have ACS1121 running version 5.1.0.44.6 on my network environement , I need to enable account lock-out for internal user during failed attempt for more than 8 times , How to achieve this . I could see account lock-out for administrator user account , not for internal user .
View 2 Replies
View Related
Jul 24, 2011
We are currently evaluating a ACS 1121 running 5.2, we are trying to configure this to Authenticate eap-peap requests.
Our users will be using credentials in a username@example.com format, if the server sees a request using username@anotherrealm.com then it would forward the request to a external proxy radius server, if the server saw a request for our domain it would strip off the @example.com part and authenticate against AD.
Im finding it hard locating documentation to tell the server if a request comes from a NAS using username@example.com then strip @example.com and authenticate username against AD.
View 4 Replies
View Related
Feb 21, 2011
what is the easiest method permitting a local and a remote pc to access the same database ? They both have internet access.
View 3 Replies
View Related
Apr 14, 2013
We have had an active ACS unit for many years now, and we've added a second one, both are 1121 Appliances. The newer one came with 5.4, so we upgraded the older one to 5.4.
We setup replication between the two, with the newer one primary and the older one secondary. Problem is, windows based clients are unable to authenticate to the older ACS appliance. The only problem we can see is that it indicates that adclient is not running, under Monitoring & Troubleshooting, ACS Health Instance Summary.
So... been trying to figure out how to correct this, yet have been hard pressed to find a knowledgebase article that works. So far, Cisco hasn't added my smartNet on the new box so I can get some support?
View 6 Replies
View Related
May 27, 2013
I would like to know if its possible setup database replication from Cisco ACS 4.2 server to ACS 5.4 server ?
View 3 Replies
View Related
Feb 18, 2013
i configured pix 525 for easy vpn. About 100 to 200 people will use this service. i dont have much knowledge about radius and tacacas servers. Is local data base enough for extended authentication or should i configure the server for it ?
View 2 Replies
View Related
Mar 27, 2011
Firstly the ACS 4.2.1 for Windows database replication does any one have and documentation on the processes required?Secondly I have a single system installed which is providing TACACS authentication for management access to a Cisco 5508 WLC, the controller prompts with a login box on connection to the web interface. When you put in the username and password pair the box comes back as if the authentication has failed. On the ACS I was unable to see any failed authentications so enabled passed authentication reporting and can see the user passing the process. The WLC is running software version 6.0.199.4. On the ACS I have added the extra two options within the TACACS interface configuration and have a ‘role1=all’ against both the user and the group the user is part of so I am confused as to why the user is still denied access.
View 3 Replies
View Related
Apr 23, 2013
We have recently upgraded acs 5.1 to 5.3 ( normal upgrade process), all secondary (ACS-B) was deregistered from primary (ACS-A , used as configuration server and log collector) and updated successfully. But while upgrading primary acs server was rebooted manually. But later primary server was re upgraded successfully to 5.3.
Just to ensure database is not lost on primary acs (ACS-A) , primary acs was registered to one of the secondary acs (ACS-B). Initially ACS-A registered with ACS-B, both ACS was showing proper role now. ACS-A ( secondary ) and ACS-B (primary). But on New primary ACS (ACS-B) is showing new secondary (ACS-A) offline and replication pending. Whereas on Secondary ACS-B its shows primary ACS-A online and updated. But ACS replication id is gradually incrementing. ACS system is in this system for last 2 day, But not sure if there is real replication happening at backend? How long it take place to replicate completely? and how to check / verify status of upgrade?
View 3 Replies
View Related
Jul 31, 2012
on the dashboard of the "Monitoring & Report Viewer" I see a lot of system alarms related to the database.The explanation of the alarm says to look at the Collector logs for the details.
View 3 Replies
View Related
Mar 22, 2011
i'm trying to configure acs 5.2 to LDAP external idenity store, when LDAP failes ACS 5.2 should use internal indenity store. I configured A sequence to use LDAP 1st then Internal and i shut off the link to the LDAP but ACS will not use internal, AAA Diagnostics keeps telling me that Cannot establish connection with LDAP server and will not use the internal store.
View 7 Replies
View Related
