Chapter 8
Establishing Cisco Secure ACS System Configuration
Important Implementation Considerations
78-14696-01, Version 3.1
Cisco Secure ACS every time it runs. Therefore, a large database results in
substantial amounts of data being transferred, and the processing overhead can
also be large.
You should consider several important points when you implement the
CiscoSecure Database Replication feature:
Cisco Secure ACS only supports database replication to other
•
Cisco Secure ACSes. All Cisco Secure ACSes participating in CiscoSecure
database replication must run the same version of Cisco Secure ACS. We
strongly recommend that Cisco Secure ACSes involved in replication use the
same patch level, too.
You must ensure correct configuration of the AAA Servers table in all
•
Cisco Secure ACSes involved in replication.
In its AAA Servers table, a primary Cisco Secure ACS must have for
–
each of its secondary Cisco Secure ACS an accurately configured entry.
–
In its AAA Servers table, a secondary Cisco Secure ACS must have for
each of its primary Cisco Secure ACSes an accurately configured entry.
–
On a primary Cisco Secure ACS and all its secondary
Cisco Secure ACSes, the AAA Servers table entries for the primary
Cisco Secure ACS must have identical shared secrets.
Only suitably configured, valid Cisco Secure ACSes can be secondary
•
Cisco Secure ACSes. To configure a secondary Cisco Secure ACS for
database replication, see
page
8-21.
Replication to secondary Cisco Secure ACSes takes place sequentially in the
•
order listed in the Replication list under Replication Partners on the
CiscoSecure Database Replication page.
A secondary Cisco Secure ACS receiving replicated components must be
•
configured to accept database replication from the primary
Cisco Secure ACS. To configure a secondary Cisco Secure ACS for database
replication, see
Configuring a Secondary Cisco Secure ACS, page
Configuring a Secondary Cisco Secure ACS,
User Guide for Cisco Secure ACS for Windows Server
CiscoSecure Database Replication
8-21.
8-15