Reimaging a 1112 appliance to 4.1

I have been trying to upgrade a secure ACS appliance to 4.1 and having issues. If I use the recovery CD TAC had me build it boots and lets me select " re-image hard drive" etc but I loose console access. If I watch the monitor the upgrade (ghost) seems to go as planned but again I loose console access..I can use the 3.3.3 recovery CD and everything works great. Should going to 4.1 be this hard?
Thanks

Hi ,
Is there any specific time you loose console access ? Nothing special needs to be done for reimageing 4.1.
Make sure the recovery image is for model 1112 and not for 1111 or 1113.
Regards

Similar Messages

  • Installing ACS 4.2 on an 1112 appliance

    I have a 1112 applicance and I would like to install ACS 4.2.  It has an older version of ACS on it and I really don't care if it gets destroyed.  I am looking for what would be the best/easiest way to install ACS 4.2 and blow the other install of ACS way.  Any assistance would help.
    -Dustin

    You will need to use the ACS 4.2 recovery CD's to install that version on your 1112 appliance.

  • Reimage NAC-3315 appliance to ISE

    Hi,
    My site got the NAC-3315 appliance and we would like to reimage this appliance to inline posture mode (for VPN purpose)
    What's the proper migration process should deal with this? Is the NAC-3315 hardware comply with the Inline posture mode requirement?
    Thanks
    Noel

    Hi All,
    I'm using ise-1.1.0.665.i386.iso try to reimage on NAC 3315 appliance.
    what/how i do is:
    01. manually set the BIOS date and time tally with UTC time.
    02. burn the ISO as bootable DVD, and install the ISE from scratch.
    03. after setting the interface IP address, subnet mask and default gateway, it fail to ping the gateway
    (I just proceed the installation anyway)
    04. The NAC 3315 appliance was connected to a switch, switchport  access join the dedicate VLAN, but it fail to ping the NAC IP from  switch. In fact, from switch it was able to ping the gateway IP)
    PROBLEM STATEMENT
    01. after the installation done, able to CLI to the ISE and check  all the ISE processes were running. But problem is nobody can ping the  ISE appliance.
    02. I following the instruction of "Cisco Identity Services  Engine Hardware Installation Guide, Release 1.1" -> "Appendix F,  Installing Cisco ISE 3300 Series Software on Cisco NAC and Cisco Secure  ACS Appliances", which this can be found on following URL
    http://www.cisco.com/en/US/docs/security/ise/1.1/installation_guide/ise_app_f-installing_on_NAC-AC.html
    03. In the installation process i didn't resetting the RAID array, is it necessary for me to reset it?
    (Because i didn't see the message indicating that "The installer requires at least 600GB disk space for this appliance type,")
    Can please guide what to do? Million Thanks
    Noel

  • ACS Appliance 1112 version 4.1 Web Interface

    Hi, I have an ACS 1112 appliance that is currently running on 4.1 and was brought up to patch level 4.1.1.23.3. We were attempting to install patch 4.1.1.23.4 through the Web Console when we lost connectivity and never got it back. After logging in through the serial console, it indicated that an 'upgrade was in progress'. I was able to successfully re-run the install for 4.1.1.23.4 through the serial interface, along with 4.1.1.23.5, however, even after several reboots, I still cannot gain access to the Web Console. I also confirmed that CSAdmin is up and running. Is there anything I can do to remedy this issue without rebuilding the entire device? Thank you.

    Make sure that you have the Remote Agent matching you ACS Version 4.1.1.23.5.
    I've seen issues where ACS was trying to contact RA and GUI became unresponsive.
    Also, by default the ACS allows any TCP ports to be used for Administration HTTP Access, but this could be limited once you gain access.
    My point here is that if the web access was working before, it might not be the case, but you could be blocked by a firewall/pix/asa...
    Try from a different PC, and a different browser...

  • ACS Appliance configuration issue.

    When I attempt to configure the ACS IP address I am getting the following error:
    "Error; Failed to get NIC configuration: <null> <FFFFFFFF>"
    The device is connected to a working ethernet port and the the physical layers have been eliminated. Aside from starting from scratch, can anyone suggest a way out of this problem?

    you need to reimage the ACS appliance.

  • CSACSE-1112-K9 - v4.2 - config/device recovery

    Hi,
    hope you can guide me to the right direction to resolve this issue.
    I have a problem exporting the config from a 1112 appliance.
    It does not boot up properly. GUI logon and authentication is not possible.
    I can console and SSH to it but the only thing i get is the commands below and nothing else.
    login as: admin
    [email protected]'s password:
    Last login: Wed May 30 11:11:42 2012 from jsmith
    Could not chdir to home directory /home/admin: No such file or directory
    acs> help
    API called before initialised at V:\ismg_israel_acs\Acs\EndPoint\Core\endpoint.cpp:395
    Command                  Description
    ?                    List commands
    exit                 Log off
    help                 List commands
    csutil -dumpadmin    Dump Admin Audit Information
    csutil -dumpgroups   Dump Group Audit Information
    csutil -dumpusers    Dump User Audit Information
    csdbsync -syncnow    RDBMS synchronization
    acs>
    Any ideas how could i get the config and/or get it work again?
    Thx!
    Peter

    SSH connection would only should you limited commands and that is an expected behaviour.
    You need to establish a console connection if you would like to take back of your current configuration.
    Establishing serial/console connection
    http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_solution_engine/4.2/installation/guide/solution_engine/instalap.html#wp1065399
    Backing upi ACS data from serail console connection
    http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_solution_engine/4.2/installation/guide/solution_engine/admap.html#wp1057928
    What error are we getting during the bootup process?
    Did you check the status of the services? This can be checked by running "show" command from console session.
    Csadmin should be running in order to access it through web gui.
    Do let me know if you need further help.
    Regards,
    Jatin
    Do rate helpful posts-

  • We are unable to manage our ACS

    Accidentally the power to the ACS server was switched off and then on again. But after the power on though the device came up successfully; we are not able to manage it.
    We are unable to manage our ACS. We have a configuration back-up.
    1)       by HTTPS. The cert can not be added manually on the browser in any way. Looks like an application error. Tried several different browsers.
    ACS details:
    CSACSE-1113-K9    Cisco secure ACS 4.x solution engine 1113 Appliance    CSACSE-1113-K9v01
    when i try https:abc001:2002/
    I get he following pop up error message:
    Secure connection failed.
    an error occurred during connection to abc001:2002. certificate type not approved for application.(Error code:sec_error_inadequate_cert_type)
    .the page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
    .please contact the web site owners to inform this problem. Alternatively, use the command found in the help menu to report this broken site.
    2) by SSH. xxxxx is the administrator account.
    We can login but there are no commands available
    abc001>help
    command                             Description
    ?                                List commands
    exit                             Log off
    help                             List commands
    csdbsync -syncnow                RDBMS synchronization
    abc001>?
    command                             Description
    ?                                List commands
    exit                             Log off
    help                             List commands
    csdbsync -syncnow                RDBMS synchronization
    2)Tried with a serial cable, but we only get some rubbish on the screen. We tried different serial cables. These cables work on other appliances (WLC controller and Cisco switches) but not on the ACS

    Hi,
    The issue which you are facing comes when you the certificate installed on the ACS is either not correct or has gone corrupt. You would not be able to install a fresh certificate on the ACS Appliance through console or SSH.
    You can open a TAC case and send a backup of the ACS database, they might be able to correct the database. Otherwise the only other option is to reimage the ACS Appliance.
    To access an ACS Appliance from the console, you can go to http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_solution_engine/4.2/installation/guide/solution_engine/instalap.html#wp1065399
    To administer the ACS Appliance, take a backup etc., you can go to http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_solution_engine/4.2/installation/guide/solution_engine/admap.html
    Regards,
    Kush

  • Cisco Prime NCS 1.2.1.012 nms stopped

    Hi all,
    Got an issue with nms server stopped, it is the full 3300 appliance not a vm, have tried:
    1.
    ncs stop
    ncs cleanup
    ncs start
    2.
    ncs stop
    ncs redidb ( off the top of my head can't remember exact command for that one)
    ncs start
    3.
    tried reboot after ncs stop
    Getting this ouptu on ncs start:
    As first time is not present - removing .dbCreated
    Starting Network Control System...
    Unable to verify hardware.
    This may take a few minutes...
    Also on ncs start verbose getting a massive error:
    Processing Service Name: NMS Server
    Remoting 'Matlab Server' started successfully.
    Starting NMS Server
    Checking for running servers.
      Checking if DECAP is running.
      00:00 DECAP is not running.
    00:00 Check complete. No servers running.
      00:11 DECAP setup complete.
      Creating the DB schema
    Removing configuration folder on DB clean
    DDL execution of the script /opt/CSCOlumos/bin/aems_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
            DDL execution of the script /opt/CSCOlumos/bin/aems_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
    DDL execution of the script /opt/CSCOlumos/bin/compliance_engine_schema.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP star
    tup.
            DDL execution of the script /opt/CSCOlumos/bin/compliance_engine_schema.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting X
    MP startup.
    DDL execution of the script /opt/CSCOlumos/bin/cr_proc_drop_part.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
            DDL execution of the script /opt/CSCOlumos/bin/cr_proc_drop_part.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP star
    tup.
    DDL execution of the script /opt/CSCOlumos/bin/disableStats.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
            DDL execution of the script /opt/CSCOlumos/bin/disableStats.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
    DDL execution of the script /opt/CSCOlumos/bin/ifm_ca_exclude_list.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
            DDL execution of the script /opt/CSCOlumos/bin/ifm_ca_exclude_list.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP st
    artup.
    DDL execution of the script /opt/CSCOlumos/bin/ifm_ca_mainpage_view.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
            DDL execution of the script /opt/CSCOlumos/bin/ifm_ca_mainpage_view.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP s
    tartup.
    DDL execution of the script /opt/CSCOlumos/bin/ifm_indexes.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
            DDL execution of the script /opt/CSCOlumos/bin/ifm_indexes.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
    DDL execution of the script /opt/CSCOlumos/bin/ifm_sam_foundation_system_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP
    startup.
            DDL execution of the script /opt/CSCOlumos/bin/ifm_sam_foundation_system_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exit
    ing XMP startup.
    DDL execution of the script /opt/CSCOlumos/bin/ifm_sam_ipsla_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
            DDL execution of the script /opt/CSCOlumos/bin/ifm_sam_ipsla_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP star
    tup.
    DDL execution of the script /opt/CSCOlumos/bin/ifm_sam_ipsla_default_data.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP st
    artup.
            DDL execution of the script /opt/CSCOlumos/bin/ifm_sam_ipsla_default_data.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting
    XMP startup.
    DDL execution of the script /opt/CSCOlumos/bin/ifm_sam_pm_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
            DDL execution of the script /opt/CSCOlumos/bin/ifm_sam_pm_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup
    DDL execution of the script /opt/CSCOlumos/bin/ifm_sam_pm_lt_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
            DDL execution of the script /opt/CSCOlumos/bin/ifm_sam_pm_lt_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP star
    tup.
    DDL execution of the script /opt/CSCOlumos/bin/ifm_sam_pm_lt_sp.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
            DDL execution of the script /opt/CSCOlumos/bin/ifm_sam_pm_lt_sp.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP start
    up.
    DDL execution of the script /opt/CSCOlumos/bin/ifm_sam_pm_mt_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
            DDL execution of the script /opt/CSCOlumos/bin/ifm_sam_pm_mt_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP star
    tup.
    DDL execution of the script /opt/CSCOlumos/bin/ifm_sam_syslog_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
            DDL execution of the script /opt/CSCOlumos/bin/ifm_sam_syslog_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP sta
    rtup.
    DDL execution of the script /opt/CSCOlumos/bin/ifm_sam_system_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
            DDL execution of the script /opt/CSCOlumos/bin/ifm_sam_system_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP sta
    rtup.
    DDL execution of the script /opt/CSCOlumos/bin/ifm_swim_default_repo.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup
            DDL execution of the script /opt/CSCOlumos/bin/ifm_swim_default_repo.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP
    startup.
    DDL execution of the script /opt/CSCOlumos/bin/job_schema_update.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
            DDL execution of the script /opt/CSCOlumos/bin/job_schema_update.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP star
    tup.
    DDL execution of the script /opt/CSCOlumos/bin/ncs_api.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
            DDL execution of the script /opt/CSCOlumos/bin/ncs_api.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
    DDL execution of the script /opt/CSCOlumos/bin/wcs_dropFKs.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
            DDL execution of the script /opt/CSCOlumos/bin/wcs_dropFKs.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
    DDL execution of the script /opt/CSCOlumos/bin/wcsutils.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
            DDL execution of the script /opt/CSCOlumos/bin/wcsutils.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
    DDL execution of the script /opt/CSCOlumos/bin/wda_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
            DDL execution of the script /opt/CSCOlumos/bin/wda_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
    DDL execution of the script /opt/CSCOlumos/bin/wirelessAlarmSpecificId.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP start
    up.
            DDL execution of the script /opt/CSCOlumos/bin/wirelessAlarmSpecificId.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XM
    P startup.
    DDL execution of the script /opt/CSCOlumos/bin/xmp_credential_mgr_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startu
    p.
            DDL execution of the script /opt/CSCOlumos/bin/xmp_credential_mgr_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP
    startup.
    DDL execution of the script /opt/CSCOlumos/bin/xmp_fingerprints_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
            DDL execution of the script /opt/CSCOlumos/bin/xmp_fingerprints_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP s
    tartup.
    DDL execution of the script /opt/CSCOlumos/bin/xmp_preference_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
            DDL execution of the script /opt/CSCOlumos/bin/xmp_preference_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP sta
    rtup.
    DDL execution of the script /opt/CSCOlumos/bin/xmp_quartz_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
            DDL execution of the script /opt/CSCOlumos/bin/xmp_quartz_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup
    DDL execution of the script /opt/CSCOlumos/bin/xmp_rbac_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
            DDL execution of the script /opt/CSCOlumos/bin/xmp_rbac_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
    DDL execution of the script /opt/CSCOlumos/bin/xmp_usermgmt_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP startup.
            DDL execution of the script /opt/CSCOlumos/bin/xmp_usermgmt_ddl.sql failed. Please check the log file /opt/CSCOlumos/logs/ddl_log.log. Exiting XMP start
    up.
    Any ideas ?

    Hi Ben:
    There are .iso images for both Prime Infrastructure 1.2.1 and the current release, Prime Infrastructure 1.3.0.20 that can be downloaded and burned to a Dual Layer DVD (in a Dual Layer DVD burner) and used to reimage the physical appliance with.  These physical appliances shipped from a factory with a hard drive that has magnetic  representations of 0 and 1 on it, it's entirely possible something  happened to something to the data in transit.  Reimaging puts everything back to square one and completely rules out the  possibility of anything being corrupted. 
    Once it's running again, be sure to check out and install the Update 1 patch for Prime Infrastructure 1.3.0.20 (filename PI_1.3.0.20_Update_1-12.tar.gz).
    Release Notes for Update 1 for Cisco Prime Infrastructure 1.3.0.20

  • We are unable to download firefox to our computers.

    Firefox will not download from your website to our computers. tried multiple times on different dates and it still will not download.
    == This happened ==
    Just once or twice
    == about a week ago. ==
    == User Agent ==
    Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; GTB6.5; .NET CLR 1.1.4322; InfoPath.1; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)

    Hi,
    The issue which you are facing comes when you the certificate installed on the ACS is either not correct or has gone corrupt. You would not be able to install a fresh certificate on the ACS Appliance through console or SSH.
    You can open a TAC case and send a backup of the ACS database, they might be able to correct the database. Otherwise the only other option is to reimage the ACS Appliance.
    To access an ACS Appliance from the console, you can go to http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_solution_engine/4.2/installation/guide/solution_engine/instalap.html#wp1065399
    To administer the ACS Appliance, take a backup etc., you can go to http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_solution_engine/4.2/installation/guide/solution_engine/admap.html
    Regards,
    Kush

  • Can I reset console password on ACS1112 device running 3.3 using 4.1 recovery CD?

    Hi,
    I am in a situtaion where I need to reset the console username/password on one of our ACS 1112 appliances. No one can remember it.
    We are in the process of upgrading these devices from version 3.3 to 4.1 (latest version we can run on our only ACS1111 device).
    The 3.3 Recovery Disk I have does not boot (probably damaged, or burnt too fast). I have a 4.1 Recovery CD, that I was wondering if I could use instead?
    The reason I am asking first before trying is I cant run any risk of corrupting the configuration that is already on there, as it is still in production.
    Regards
    Jeff

    Thanks for the reply. This is what I thought.
    How accurate doe the version have to be. eg there are 4 numbers, eg 3.3.x.y
    Can I use any 3.3 recovery CD, or does it have to be specifically for 3.3.x.y?
    Regards
    Jeff

  • Cisco ACS 4.2 1113 Recovery DVD

    Good day!
    We have CSACSE-1113-k9 Cisco ACS 4.2 1113 appliance. And we need to reimage (restore the appliance to its original state). Could enyone help me with proper link to software.cisco.com image of recovery DVD?
    I'm trying to find it, but i cant see recovery dvd:
    Downloads Home
    Products
    Cloud and Systems Management
    Security and Identity Management
    Cisco Secure Access Control Server Products
    Cisco Secure Access Control Server Solution Engine
    Cisco Secure Access Control Server Solution Engine 4.2

    Hi,
    AFAIK you do not have the option to download ACS Recovery DVD from cisco.com. You can contact Cisco TAC and they can publish the software for you.
    Do rate if Helpful....
    Regards,
    Kush

  • ACS Engine Hanging / Replication Problems

    I have two ACS 1112 Appliances running the latest software (Release 4.0(1) Build 42). Each appliance seems to run fine on its own. However, after setting up and successfully performing replication, the second ACS will not fully reboot. It says CSAuth did not start. 'show' usually shows the cpu at 100% with the services in various states of stopped, stopping, or starting. The web interface is unavailable. Another thing I have noticed that I think may have something to do with it is the status of the remote agents in the network device table. After replication, (and before rebooting) I can click on one successfully on the original machine, but when I attempt to click on one on the second appliance, I get a 404 browser error, and my ACS session is closed. I have to log back in to do anything else. Right now, I am rebuilding the second appliance from the cd (for the 15th time) to attempt replication with no remote agents defined to make narrow down the problem. Also note that if I manually add a remote agent on the second appliance, I am able to get to its properties with not problems. I am only not able to get to replicated entries' properties. Thanks in advance for any help.

    Well, forget about the remote agents. The primary appliance has a very basic config. The only things in the network device table are itself and the other ACS. They each have the correct settings and the same key. The backup ACS has no configuration settings, except the ACS settings in the network device table and the appropriate replication settings. After a successful replication from primary to backup, and a reboot of the backup--it will not start back up. The CPU is at 100% and the services look like this:
    CSAdmin stopped
    CSAuth starting
    CSDbSync starting
    CSLog stopping
    CSMon starting
    CSRadius starting
    CSTacacs starting
    CSAgent running
    thanks.

  • ACS Appliance 1112 - Authentication Without Enable Secret

    Hello Everybody
    I have a ACS appliance 1112 to authenticate users by TACACS+ with Active Directory.
    The users can access the privileged mode on network devices just with the user AD without typing a enbale secret but after a restart on appliance now the users are asked to typing a enable secret to access the privileged mode.
    Is necessary change something on Network Devices or maybe a configuration on ACS ?
    Thanks

    Please go to the group that belongs to the user in question and make sure we have shell exec checked with priv 15
    Bring users/groups in at level 15
    1. Go to user or group setup in ACS
    2. Drop down to "TACACS+ Settings"
    3. Place a check in "Shell (Exec)"
    4. Place a check in "Privilege level" and enter "15" in the adjacent field
    Also check passed authenticate logs and make sure that user are mapped to the right group of acs.
    Regards,
    ~JG
    Do rate helpful posts

  • ISE reimage to 1.2, cant load install software

    Hello
    We have some ISE 3355 servers ready to configure, out of the box, and we want to upgrade them to version 1.2 before configuring them. I got the iso image for 1.2 but Im having problems with the reimage process.
    I have been able to run the reimage process on 2 out of 4 devices, but at this moment, the reimage process gets stuck after I choose the boot optios trying to load the initrd.img file...
    boot: 1
    loading vmlinuz.............................................................
    Loading initrd.img..........................................................
    Did have the same problem with the second device, but after letting it start all the way down without booting with the dvd and running the setup program, I was able to reboot, boot from the ISE 1.2 dvd and load the reimage process...
    Am I doing something wrong?... the reimage link doesnt provide any help... and its the same thing I´ve been doing...
    http://www.cisco.com/en/US/docs/security/ise/1.2/installation_guide/ise_installing_on_NAC-AC.html#wp1197454
    Any help is much appreciated!

    Hello Alejandro
    If you do not have access to this DVD, you can download the Cisco ISE Release 1.2 software
    from the Cisco Software Download Site at:
    http://www.cisco.com/public/sw-center/index.shtml.
    You will be required to provide your Cisco.com credentials.
    When the Cisco Identity Services Engine ISE VM Appliance (ISE Software Version 1.2.0.xxx) DVD
    boots, the console displays:
    Welcome to Cisco ISE
    To boot from the hard disk press
    Available boot options:
    [1] Cisco Identity Services Engine Installation (Monitor/Keyboard)
    [2] Cisco Identity Services Engine Installation (Serial Console)
    [3] Reset Administrator Password (Keyboard/Monitor)
    [4] Reset Administrator Password (Serial Console)
    Boot from hard disk
    Please enter boot option and press .
    boot: 1
    You can choose either the monitor and keyboard port, or the console port to perform the initial setup.
    At the system prompt, type 1 to choose a monitor and keyboard port, or type 2 to choose a console port,
    and press Enter.
    This starts the installation of the Cisco ISE software on the VMware system.
    For more information this link will definitely be helpful to you.
    http://www.cisco.com/en/US/docs/security/ise/1.2/upgrade_guide/b_ise_upgrade_guide_chapter_01.html

  • ISE reimage 1.1.4 on NAC 3355 Server Issues

    g'day All,
    I'm having trouble with an ISE re-image of a NAC 3355 server presently. I have successfully download the iso for 1.1.4 ise and burnt it to dvd, I've gone through the remiage process, with all the packages being installed successfully (or so it appears) there were no issues during the packages being uploaded and installed from the DVD.
    My issue is, when the box reboots and I am presented with the login prompt where I can type 'setup' to start the initial config script, I can enter all the relevant details and the system brings up the newtork interface, pings the default gateway and nameserver successfully (I don't see any errors that the pings have failed) and it appears to start installing ISE.
    I get the on screen message about not using "Ctrl C from this point", then I see the 'installing applications....' on screen message, but rather than seeing the 'Installing ISE' on screen message as detailed in the 1.1.x hardware installation guide, my install jumps straight to on screen message 'generating configurations' then the box reboots.
    Once the box reboots, I am able to log in with the username/password combo I entered in the intial setup script, but I don't get any further on screen messages or prompts to create a database password, etc. I only get the cli prompt. I am able to navigate around the cli fine, I can ping gateway and nameservers from the CLI fine, but if I do a show application, it comes back with nothing. If I do a application configure ise, the cli states that ise is not installed.
    help please guys.
    Cheers,
    JS.

    Hello James,
    How do you made your install ? Using KVM or Serial port ?
    I had same problems with serial install : I was imaging (1.1.4) some appliance (3315 & 3395) at the same time with one PC/console cable that I plug & unplug from one appliance to another for following the install progress. But on several appliance, I was not prompt for the admin & user database passwords.
    The result was the same than you : The appliance booted, but ISE application was not installed.
    I have got no problems the next time when I have try to reimage the appliance with serial cable but WITHOUT UNPLUG IT from the begining to the end ! The database users/admin DB password were asked and the install was successfull on all my appliances.
    Also you have to check the system time/date/timezone in the BIOS setting of Appliance as describe on the hardware install guide.
    http://www.cisco.com/en/US/docs/security/ise/1.1.1/installation_guide/ise_install_guide.html
    Have you check the MD5 or your ISO ?
    Hope you'll able to finish properly your install.

Maybe you are looking for

  • HP AIO 900 series printer issues...

    I can get it to print using the gimp driver included in the system when I got my computer. I'm using a USB cable with no windows computer involved. However more advanced features such as selecting paper i.e. glossy, flat etc... were not available. I

  • How do I save a frame of video from Final Cut X to my computer?

    I am trying to save a single frame from my storyline to my computer. I used to know how to do this until they updated Final Cut X and now I can't find the option in the menues anymore. Can anybody please help me?? I am working on a project and I real

  • Preview.app's "Mail Document" & Entourage?

    Preview.app's "Mail Document" & Entourage? Has anyone noticed that Apple's Preview.app will allow you to email a PDF as an attachment, but it will only work with Apple's Mail.app. Of course I don't use Mail.app, I use Entourage 2008 (Exchange client

  • Variable/method names standardizing

    Hi All, The problem we've got here is that same things are named in slightly different way by different developers or development groups. Typical example: 'id' property. accessors could be named like: 'getID' or 'getId'. Or even better example: term

  • RAW + JPG shooting and Lightroom

    I would like to know if there are any advantages shooting RAW + JPG on my Nikon D200 then importing into Lightroom? Does Lightroom really work (or is ideal) for processing JPGs? I am considering shooting RAW + JPG especially of my children due to the