Cisco AAA/Identity/Nac :: Migration VPN From ACServer 4.2 To ACSystem 5.3?
Jul 18, 2012
I'm using Cisco Secure ACS 4.2 for Windows to configure and authenticate VPNs external groups and users on VPN 3K concentrator.Now I'm migrating to AC System 5.3.I'm trying to configure the new system to do the same work.
I have configured a new access profile with all RADIUS attributes, than an access policy.IPSec Phase 1 completed successfully but VPN client doesn't procede with XAUTH.ACS View reports the correct rule and access service.
View 7 Replies
ADVERTISEMENT
May 19, 2013
I have an ACS 5.2 deployment and i want to upgrade it to 5.4 version.I have 2 server in my deplyement:
1/ Primary Server as Authentication server & log collector
2/ Secondary server as Authentication server.
What is the best way to do the migration? Normaly, i can proceed as follows:
1/ Deregidter each server from the deployement ==> Make both the servers standaone
2/ Upgrade the Secondary server.
3/ Upgrade the Primary server (without migrate the log server).
4/ Join Servers to the deployement.
View 11 Replies
View Related
Mar 22, 2011
what is the key point to note for migrating data from ACS 4.0 to ACS 5.0? how can I use Migration utility to migrate data from old version to new version??
I have ACS setup running with 1000 devices and more than 2000 users and 60 groups dont want to build new acs from scratch want to import data from old version?
View 2 Replies
View Related
Jan 14, 2012
I need to upgrade my ACS for windows 4.1.1.23 to 5.2 as we have come across the windows 2008R2 AD problem. Now reading the migration document it says I need to go to at least 4.1.1.24 first which will not be a problem, then I need a migation server, so that means I need another ACS server as the migration server. As I already have 2 ACS servers could I use one of them as the Migration server, ie take it out of production?
View 1 Replies
View Related
Jun 11, 2012
If we need to migrate ACS 4.2 installed on appliance 1113 to ACS 5.3 what all the prerequisites...?
whether any hardware dependencies and the same configurations on 4.2 could be operated on 5.2 even after appliance changes...?
View 1 Replies
View Related
Jun 12, 2013
I need to Migrate from ACC 4.1(1) to ACS 5.4, Have configured Network Access Restrictions and Networks Access profiles in ACS 4.1(1), can i go for staright away migration and is the same supported in ACS 5.4
View 5 Replies
View Related
Jul 1, 2012
We have to ACS cisco Box running software as 4.2 & 5.2. We want to upload all the data present in 4.2 ACS to 5.2 ACS.
View 6 Replies
View Related
Jun 13, 2011
I'm planning migration from ACS 3.3 to a new machine, so I'm thinking about new Cisco ISE.I have the following question: ACS 3.3 acts as AAA RADIUS with LDAP repositoriy for wireless deployment, using PEAP-GTC. Is possible, with ISE, to use a different EAP method, such as PEAP-MsCHAPv2 or EAP-TTLS?
In ACS 5.X I think it's only supported PEAP-GTC and EAP-TLS when identity repository is LDAP. Is the same in Cisco ISE?
View 2 Replies
View Related
Oct 1, 2012
One of my customer wants to upgrade their Cisco ACS version from 4.0 to 5.3. The client has existing ACS version 4.0 windows on VM with two instance and need to upgrade to 5.3 Linux.As per my understanding following version are supporter to upgrade ACS to version 5.3 ACS 4.1.1.24ACS 4.1.4ACS 4.2.0.124ACS 4.2.1 but unfortunatlly there is running 4.0.I suggested to my client the upgradation for ACS and proposed this Upgrade lisence L-CSACS-53VMUP-K9 and CON-SAS-CSACS3V? how I can do the smooth deployment / Migration from 4.0 to 5.3 with (A/P)high availability.
View 1 Replies
View Related
May 9, 2011
we currently have 4x ACS 4.1 (1) build 23 windows based and we are going to migrate to ACS 5.2 appliance 11211.the first pair we are using simply local authentication for multiple vendor firewall and routers, with one custom radius vendor-specific attributes, with now she exec.the second pair we are using for wireless clients authentication through AD, with dynamic mapping.
in order to migrate what would be the most suitable migration, whether to use Migration utility or export those ACS objects and import them into the new ACS 5.2.
View 1 Replies
View Related
Mar 7, 2012
Is there a simple way to migrate shared dACL to group/user mappings from ACS 4 to ACS 5? After migration using the Migration tool provided by Cisco I get shared dACLs and also I get all my users/groups transfered but these shared dACLs are not mapped to groups or users as previously. I understand that in new ACS we do not apply authorization directly to users/groups, but then if I had in ACS 4.x a hundreds of groups and each of these groups had a dedicated dACL (shared) applied as authorization attribute now after migration to ACS 5 I have to create separate authorization profile for each of these groups which is a lot of manual work. So I'm asking for an easy automated way to migrate authorozation rules to new ACS version.
View 1 Replies
View Related
Nov 30, 2011
I cannot access WLSE, after migration from ACS 4.2 to ACS 5.2. WLSE was configured with tacacs+ management. In ACS 5.2 I've configured the optional custom attributes: groups = "System Admin"
View 2 Replies
View Related
Jun 7, 2011
I'm with problems to migrate the ACS 5.1 hardware to ACS 5.1 vmware. In my infraestructure I have a appliance with ACS 5.1 and I need to migrate to vmware to do HA. I installed vmware as the Cisco ACS recommendations. I made a backup of the ACS hardware and copied the local disk vmware ACS.
When I start the restore process after a few minutes an error occurs:
UMA/admin# dir
Directory of disk:/
33293306 Jun 08 2011 16:51:38 bkp-production-110608-1433.tar.gpg
5862 Nov 07 2009 01:06:32 favicon.ico.1
16384 Jun 06 2011 17:54:34 lost+found/
[Code]....
View 4 Replies
View Related
Dec 21, 2010
I am working through the migration from ACS 4.1.4 on Windows Server 2003 to ACS 5.2 on the appliance. I have created the 4.1.4 migration server, installed the software and imported the data from our production ACS 4.1.4 box. I downloaded the migration utility from the 5.2 ACS server and am attempting to run on the 4.1.4 migration server. The question that fails is:
Enter ACS 4.x Server ID:
I do not know what this means and do not see anything on the 4.1.4 server that identifies the Server ID. I try localhost and it does not work and the 4.1.4 server is not registered in DNS or I would try that (and . are not valid characters in the ID so the IP does not work).
How have other people handled this question? Is there something that can identify the local server ID?
View 9 Replies
View Related
Jul 26, 2012
I am trying to migrate an ACS 4.1.1(24) using the migraton tool to ACS 5.2. The tool is working OK. It migrates the users, groups, NDG, etc. and the reports are showing no errors.
The problem is with the Enable password of the users. The users in the ACS 4 have the TACACS+ Enable Password configured, but after the migration it appears empty in the ACS 5.
View 3 Replies
View Related
Aug 15, 2012
I've valid SAU service contract with WCS. Can I migrate from WCS (7.0.230..0) to latest version of NCS by downloading it from software center or I should purchase some SKU for upgrading to NCS?
View 1 Replies
View Related
May 22, 2012
Is anybody deploying ASA Services Module? I am looking for feedback/gotchas/advice for a migration from an ASA-5550 HA pair.I also received confirmation from Cisco that VPN termination is active in the latest 8.5/8.6 code releases, so hopefully should be able to fully retire my 5550's.
View 4 Replies
View Related
Jun 20, 2011
what options are available to a customer with 800 APs that is finally migrating to a centralised model and therefore migrating from WLSE to WCS? Assuming that they move to v8 of WCS can they upgrade their WLSE licenses to WCS?
View 1 Replies
View Related
Nov 13, 2011
Are there any methods for statistic data importing from old LMS 3.2 to a new LMS 3.1 version? I know about devices invemtory export/import function, but also i want to save all data gathered from previous time.
View 1 Replies
View Related
Dec 10, 2012
I am working on a migration from Windows based WCS 7.0.164.3 to NCS appliance (1.2.1-once it is available). After stopping WCS, I issued the export userdata C:WCS07Migrate. The process completed, but did not create a single zip file. I found 2 files created in the tmp directory.
One contains multiple a folder called tempDirUserDataFromDb - containing multiple xml files; and another file called ImportExport_ca<number> which contains the maps. Was there something incorrect in my command? Can I use still use these files on NCS? Or do I need to redo the export on the WCS?
View 3 Replies
View Related
Mar 5, 2013
NCM is going away. It is recommend to move to LMS. We already have a LMS deployment. Currently just used for Monitoring/Performance.Trying to figure out how to get the Configuration change piece that we used NCM for into LMS. Not really having any luck.What I am really wanting to do is configuration archive, device config change notices (when a device config changes I can run report to see who and what was changed), and configuration comparisions (between old and new configs)
View 5 Replies
View Related
Mar 8, 2011
As we are all aware that the ASA8.3 has quite some changes interms of configuration method.
I would like to know if it is possible to use the pix to Asa conversion tool for 8.3 purpose.
View 2 Replies
View Related
Dec 24, 2011
I'm trying to get all the templates and Maps I've created in WCS into our new NCS. The instructions say just run the export.bat file on WCS and then Migrate into NCS. I cannot find any export.bat file on version 7.0.220.0 of WCS. Is it only available in WCS version 7.0.164.3 ro 7.0.172.0? Do I have to use the export.bat file or can I just do a regular backup and restore?
View 7 Replies
View Related
Nov 28, 2012
A customer is asking to upgrade their LMS 3.0 to Prime 1.1. However, the customer or their previous system's integrator never actually installed LMS 3.0. The licensing and PAK were never used as well. My question is, can I still use the migration top level part # R-PI-1.1-UP-K9 to upgrade LMS 3.0 to Prime 1.1 because there was no licensing ever installed? How would the migration of the current licensing work with the new licensing PAK if that is the case? Or does the customer have to purchase a fresh Prime 1.1 licensing (top level part # R-PI-1.1-K9) because LMS 3.0 was never installed?
View 2 Replies
View Related
Jul 3, 2012
i exported config file from asa5505. i changed this file and i imported in my asa5510. can you tell me that config file allright
View 1 Replies
View Related
Oct 4, 2011
Can't see this in the documentation, as only Solaris to soft appliance is mentioned, so does anyone know if you can migrate data from LMS 4.0.1 on Windows 2008 to the soft appliance on LMS 4.1?
View 1 Replies
View Related
May 30, 2012
We have a single 4404 that was setup long before I arrived with Guest networks that timeout and other such tweaks. Is there a document somewhere that shows a way to migrate the old settings to a new 5508 that we are purchasing? By the time the 5508 arrives I will have a very small window to setup the unit before a new wing goes live. I need the new unit as we have reached our limit of licensed AP's on the old 4404. It seems like everyone keeps talking about an easy way but no one says how to do it.
I have never setup one of these units before from scratch so I don't know how long it will take.
View 6 Replies
View Related
Feb 12, 2013
I have old ASA with 8.0 configuration that includes huge number of ACL, NAT , VPNs , we got a new ASA with 8.6 , and we are planning to move the configuration to the new box , I'm wondering what is the best approach to do this , I'm thinking of one of the following scenarios1- downgrade the new ASA to 8.3 , the apply the config , remove the identity nat commands and names then upgrade to 8.6 and after that reconfigure the NAT rules and object groups .2- convert the old config manually to 8.6 code including NAT , object-group ,ACL and apply it to the new ASA ( this is going to be huge task). What are the commands that I have to look at when I convert to 8.6 and will the VPN configuration be affected ?
View 5 Replies
View Related
Apr 9, 2013
WCS 7.0 to Prime Infrastructure 1.2 migration?I am so confused on the migration procedure as I found the documents in Cisco kind of contradictory.Some document said it is required to upgrade WCS to NCS 1.1 before to go to prime infrastructure 1.2.And the other document said WCS can directly upgrade to prime infrastructure 1.2.
View 13 Replies
View Related
Sep 28, 2011
I'm currently working on migration from CSS to ACE. The ACE appliance is running A4(2.0) code. And i couldn't find the CSS to ACE conversion tool in the Web gui.
View 2 Replies
View Related
Jun 27, 2012
my company has the asa 5505 working as the remote access vpn server. my company needs more licenses for vpn than the asa 5505 give it. because of my company purchased the asa 5510. i must migrate configuration from the asa 5505 to the asa 5510. i exported configuration file from asa 5505. i made the changes on them and imported them in the asa 5510. my asa5510 doesn't work. i putted configuration files from asa 5505 and 5510.
View 10 Replies
View Related
Jun 24, 2010
Have upgraded WCS to 7.0 due to a Mesh network feature we needed, but now see I can no longer edit the AP migration templates. The interface allows me to create or delete them but the command dropdown box does not show an Edit option. So now for every AP I want to migrate I need to create a new template before I can select the AP's and migrate them. I still need to migrate about 220 APs....
Looking though the function it tells me to click on the Migration Template name. However neither in MS IE nor Firefox this works, there is no link activated.
View 7 Replies
View Related
May 28, 2012
I have a PIX 515 with version 8.0(3). We buy a ASA 5525-X for replace the PIX.
The question is, what is the better method to migrade the configurations? Manually?
What is the better version for 5525-X? 8.6.1?
View 4 Replies
View Related