Home > Cisco > Control System > Cisco Acs 57 User Guide

Cisco Acs 57 User Guide

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Cisco Acs 57 User Guide. The Cisco manuals for Control System are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 471

    Page 471 21 Configuring System Operations Replicating a Secondary Instance from a Primary Instance To replicate a secondary instance: 1.Choose System Administration > Operations > Local Operations > Deployment Operations. The Deployment Operations page appears. See the Table 6 on page 15 for valid field options. 2.Click Force Full Replication. The system displays the following warning message: This operation will force a full replication for this secondary server. ACS will be restarted. You will be required... 
    21   
Configuring System Operations
Replicating a Secondary Instance from a Primary Instance
To replicate a secondary instance:
1.Choose System Administration > Operations > Local Operations > Deployment Operations.
The Deployment Operations page appears. See the Table 6 on page 15 for valid field options.
2.Click Force Full Replication.
The system displays the following warning message:
This operation will force a full replication for this secondary server. ACS will be restarted. You 
will be required...

    Page 472

    Page 472 22 Configuring System Operations Using the Deployment Operations Page to Create a Local Mode Instance 7.Press y 8.Access the primary ACS server using the administrator mode and the new IP address. 9.Use the command show application status acs to check if all process are running properly. 10.Register the secondary instances to the primary ACS server. See Registering a Secondary Instance to a Primary Instance, page 15 Failover ACS 5.7 allows you to configure multiple ACS instances for a deployment... 
    22
Configuring System Operations
 
Using the Deployment Operations Page to Create a Local Mode Instance
7.Press y
8.Access the primary ACS server using the administrator mode and the new IP address. 
9.Use the command show application status acs to check if all process are running properly. 
10.Register the secondary instances to the primary ACS server. See Registering a Secondary Instance to a Primary 
Instance, page 15
Failover
ACS 5.7 allows you to configure multiple ACS instances for a deployment...

    Page 473

    Page 473 23 Configuring System Operations Using the Deployment Operations Page to Create a Local Mode Instance The system displays the following warning message: This operation will register this ACS Instance as a secondary to the specified Primary Instance. ACS will be restarted. You will be required to login again. Do you wish to continue? 4.Click OK. 5.Log into the ACS local machine. 6.Choose System Administration > Operations > Local Operations > Deployment Operations. The Deployment Operations page... 
    23   
Configuring System Operations
Using the Deployment Operations Page to Create a Local Mode Instance
The system displays the following warning message:
This operation will register this ACS Instance as a secondary to the specified Primary Instance. 
ACS will be restarted. You will be required to login again. Do you wish to continue?
4.Click OK.
5.Log into the ACS local machine.
6.Choose System Administration > Operations > Local Operations > Deployment Operations.
The Deployment Operations page...

    Page 474

    Page 474 24 Configuring System Operations Using the Deployment Operations Page to Create a Local Mode Instance Check one or more check boxes of the software repository that you want to delete and click Delete. The Software Update Repositories Properties Page page appears. 3.Complete the fields in the Software Repositories Properties Page as described in Table 8 on page 24: 4.Click Submit. The new software repository is saved. The Software Repository page appears, with the new software repository that you... 
    24
Configuring System Operations
 
Using the Deployment Operations Page to Create a Local Mode Instance
Check one or more check boxes of the software repository that you want to delete and click Delete.
The Software Update Repositories Properties Page page appears. 
3.Complete the fields in the Software Repositories Properties Page as described in Table 8 on page 24:
4.Click Submit. 
The new software repository is saved. The Software Repository page appears, with the new software repository that 
you...

    Page 475

    Page 475 25 Configuring System Operations Using the Deployment Operations Page to Create a Local Mode Instance Managing Software Repositories from the Web Interface and CLI You can manage repositories from the web interface or the CLI. Keep in mind the rules for creating or deleting repositories from the web interface or CLI: If you create a repository from the CLI, that repository is not visible from the web interface, and can only be deleted from the CLI. If you create a repository from the web... 
    25   
Configuring System Operations
Using the Deployment Operations Page to Create a Local Mode Instance
Managing Software Repositories from the Web Interface and CLI
You can manage repositories from the web interface or the CLI. Keep in mind the rules for creating or deleting 
repositories from the web interface or CLI:
If you create a repository from the CLI, that repository is not visible from the web interface, and can only be deleted 
from the CLI. 
If you create a repository from the web...

    Page 476

    Page 476 26 Configuring System Operations Using the Deployment Operations Page to Create a Local Mode Instance 5.Perform one of the following actions: Enter the user Password {hash plain} command to configure the SFTP repository with username and password. Enter the user rsa-public-key command to configure the SFTP repository with username and RSA public key authentication. Note: You can configure the SFTP repository either using password or RSA public key. 6.Enter the exit command to come out of the... 
    26
Configuring System Operations
 
Using the Deployment Operations Page to Create a Local Mode Instance
5.Perform one of the following actions:
Enter the user  Password {hash  plain}  command to configure the SFTP repository with 
username and password.
Enter the user  rsa-public-key command to configure the SFTP repository with username and RSA 
public key authentication.
Note: You can configure the SFTP repository either using password or RSA public key. 
6.Enter the exit command to come out of the...

    Page 477

    Page 477 27 Configuring System Operations Using the Deployment Operations Page to Create a Local Mode Instance Exporting RSA Public Key to a remote Repository The SFTP repository is not functional yet. Therefore, you need to export the RSA public key file to a remote repository, copy the key file contents from the remote repository and add it to the SFTP repository authorized key file. To export the RSA public key to a remote repository, complete the following steps. 1.Login to ACS CLI. 2.Enter the crypto... 
    27   
Configuring System Operations
Using the Deployment Operations Page to Create a Local Mode Instance
Exporting RSA Public Key to a remote Repository 
The SFTP repository is not functional yet. Therefore, you need to export the RSA public key file to a remote repository, 
copy the key file contents from the remote repository and add it to the SFTP repository authorized key file. 
To export the RSA public key to a remote repository, complete the following steps.
1.Login to ACS CLI.
2.Enter the crypto...

    Page 478

    Page 478 28 Configuring System Operations Using the Deployment Operations Page to Create a Local Mode Instance ACS allows you to export the following policies and policy elements from the ACS web interface as an XML file to a remote repository or to email ids that you have configured: Service Selection Policies Access Service Policies Network Access Policies Authorization Profiles Device Administration Policies Command Sets Shell Profiles Identity Policies Group Mapping Policies Authorization... 
    28
Configuring System Operations
 
Using the Deployment Operations Page to Create a Local Mode Instance
ACS allows you to export the following policies and policy elements from the ACS web interface as an XML file to a 
remote repository or to email ids that you have configured:
Service Selection Policies
Access Service Policies
Network Access Policies
Authorization Profiles
Device Administration Policies
Command Sets
Shell Profiles
Identity Policies
Group Mapping Policies
Authorization...

    Page 479

    Page 479 29 Configuring System Operations Trust Communication in a Distributed Deployment 3.Click Submit. ACS exports the policies and policy elements: —Immediately after submitting the request if you select the On Demand Export option. —Saves the schedule and performs the export operation on the scheduled date and time if you select the Schedule Export option. Related Topics Creating, Duplicating, Editing, and Deleting Software Repositories, page 23 Trust Communication in a Distributed Deployment ACS... 
    29   
Configuring System Operations
Trust Communication in a Distributed Deployment
3.Click Submit.
ACS exports the policies and policy elements:
—Immediately after submitting the request if you select the On Demand Export option.
—Saves the schedule and performs the export operation on the scheduled date and time if you select the 
Schedule Export option.
Related Topics
Creating, Duplicating, Editing, and Deleting Software Repositories, page 23
Trust Communication in a Distributed Deployment
ACS...

    Page 480

    Page 480 30 Configuring System Operations Trust Communication in a Distributed Deployment —If the certificates in both the primary and secondary ACS instances are valid certificates, the instances establish a secure tunnel between them and register the secondary instance to the primary. —If any of the certificates in the primary instance are invalid, the secondary ACS instance stops the registration process. —If any of the certificates in the secondary instance are invalid, the primary ACS instance rejects... 
    30
Configuring System Operations
 
Trust Communication in a Distributed Deployment
—If the certificates in both the primary and secondary ACS instances are valid certificates, the instances establish 
a secure tunnel between them and register the secondary instance to the primary.
—If any of the certificates in the primary instance are invalid, the secondary ACS instance stops the registration 
process.
—If any of the certificates in the secondary instance are invalid, the primary ACS instance rejects...
    Start reading Cisco Acs 57 User Guide

    Related Manuals for Cisco Acs 57 User Guide

    All Cisco manuals