Cisco ACS 5.4 is supported on ESXi 5.5?
Hello
We modernize Cisco ACS to version 5.4, but the only available platform VMWare's ESXi version 5.5. The docs to install ACS indicates that version 5.0 and 5.1 are the only supported versions. Does anyone know if version 5.5 is supported too?
Thank you :-)
It is supported in 5.6 ACS:
|
Tags: Cisco DataCenter
Similar Questions
-
Cisco ACS 5.2 VMware 'Management' process hangs
Hello
We recently purchased the Cisco ACS 5.2 VMware must be installed on VMware ESXi 4.1. However, after commissioning the virtual machine with the requirements set out in the Cisco installation guide, GBA is unable to start properly.
We don't get messages visible error, but when checking on the process of the CSA, I see that the process of 'management' is suspended in the "initializing" State
Any ideas how to solve this problem?
Thank you
Gilbert
ESX 4.1 is not supported with ACS 5.1
Virtual Machine requirements
The minimum configuration for the virtual machine must be similar to the hardware configuration of the server series CSACS-1120.
Table 6-1 lists the minimum system requirements to install ACS 5.2 on a VMware virtual machine.
Table 6-1. minimum system requirements
Type of requirementMinimum requirementsCENTRAL PROCESSING UNIT
Intel Core2; 2.13 GHz
Memory
4 GB OF RAM
Hard drives
500 GB of disk storage
NIC
1 GB NETWORK interface
Hypervisor
VMware ESX 3.5 or 4.0
Installation of ACS 5.2 on VMware
Kind regards
Jousset
-
Hi all
We use CiscoSecure ACS 4.2 for AAA.
In our ASA 8.2.5 ASDM 7.3 (1) 101, if connect us with user group privilege 5, we would be unable to see the dashboard of firewall for Top 10 Services / Sources / Destinations.
Someone knows how to have the privilege of established, essentially the Group of users that we have only in read-only, but can see the Top 10 services/sources/destinations edge ASDM
Thank you very much
Hi David,
Yes you are right with privilege 5 you would be able to make these changes.
You can use one of two methods of authorization in order to work around this limitation:
Local database: configure command on the security privilege levels
device. When a local user authenticates with the enable command (or logs
with the command login), the security apparatus put this user in the
level of privilege that is defined in the local database. The user can then
access controls at and below the user privilege level.Note You can use the authorization of local control without all the users in local
without CLI and database or enable authentication. Instead, when you enter
enable command, you enter the enable password and security
device puts you in level 15. You can then create enable passwords for
all levels, so that when you enter enable n (2 to 15), security
device puts you in the level n. These levels is not used, unless you put
local command authorization (see "setting up order Local
Authorization ".
http://www.Cisco.com/c/en/us/TD/docs/security/ASA/asa80/configuration/gu...GANYMEDE + server: GANYMEDE Server + (ACS), to configure the controls that can be used by a user or a group after they authenticate to access CLI. All the commands that a user enters in the CLI are verified with the GANYMEDE server +:
http://www.Cisco.com/c/en/us/support/docs/security/secure-access-control...
It will be useful.
Kind regards
Aditya
Please evaluate the useful messages.
-
Cisco ACS 1113 appliance v4.1 - integration of RSA Securid v6.1
The Windows of Cisco ACS version seems to have the ability of integration with RSA Securid its listed in external databases. It can also support the SDI Protocol if you install the agent on the Windows ACS platform. I need to use a Cisco ACS 1113 but RSA Securid does not appear in the section external databases. This mean that I won't be able to use the SDI Protocol only available RADIUS.
And Yes you are right,
With ACS, we need to configure using RADIUS, on ACS SE it won't work with SDI.
Kind regards
Prem
-
restore the configuration of the cisco ACS 1121 ver 5.2 to SNS 3425 ver 5.6
Dear all,
We currently have Cisco ACS 1121 ver 5.2 in our production, then we will replace it with the new devices using SNS 3425 ver 5.6.
Please good to want to help someone can tell you how to restore all the old configuration of devices (ACS 1121 ver 5.2) for the new Member States?
Best regards
Yudibagam
Hello! You must upgrade the current device to a min of v5.4 for restoration work and be supported.
However, if you're going to go through the upgrade problems then I would say that you upgrade all the way to 5.6 just to be sure :)
I hope this helps!
Thank you for evaluating useful messages!
-
Cisco ACS 5.1 and RSA Authentication Manager 6.1
Hi all
We recently had a Cisco Secure ACS 1120 and I improved the Unit 5.1 5.0 with all your support
Now, I need to integrate Cisco ACS 5.1 with RSA Authentication Manager 6.1. I have config file of RSA ACE Server successfully downloaded and exported to 1120 ACS.
I also added as NetOS Agent ACS in the RSA server during the process, I found a few warnings. The ACE Server is not able to resolve the IP address to the name (is it necessary?).
I have not created any file of secret key for communication between FAC and RSA and I used encryption is FOR.
Now, when I log into ACS and search for devices in the identity store sequences I am not able to get Sever Token RSA.
Let me know what was wrong, where can I fix and also please tell me what is the communciaction between the RSA and ACS?
Hoping that you guys help me as usual when I'm in a hurry...
Sree
Were you able to successfully create the RSA identity server. After selecting the sdconf.rec and you press on submit what happened? The RSA instance created OK?
If you go to
Users and identity stores > external identity stores > RSA SecurID Token servers, what do you see in the list?
-
Cisco ACS 3.1 and Logging of Nortel Passport CLI commands
Good afternoon
We try to log commands CLI Cisco ACS version 3.1 of Nortel Passport 8600. The version of the code that runs on the Passport does not support Ganymede +.
Passports authenticate OK but don't sign any order information. I "think" the problem is maybe that the VSA Radius of Nortel for cli-commands-attribute, 195, is not collected by ACS.
Does anyone know how I would go to get this added to the existing list of Radius (Nortel) VSA?
Thank you very much
Kind regards
Flett.
Foisy,
You must add the attribute Nortel 193-195 to activate the posting of the order.
Unfortunately you can't download on code 3.x, you will need to upgrade acs to the 4.x code.
Kind regards
~ JG
Note the useful messages
-
Cisco ACS installation problem
Hello everyone.
I have Cisco acs 4.2 on windows 2008 64 bit installation and get a very strange error when installing. V: ismg_israel_acs it gives some encryption error.
Can someone please help me on this who have encountered the same problem. My project is stopped cause of it.
Thanks in advance.Sent by Cisco Support technique Android app
Hi Rizwan,
If you're upgrading some version prerequisites ACS then I think you get something like this V:\ismg_israel_acs\Acs\Crypto\init.cpp
You need to locate the old CryptoAPI container used by ACS, which may still be on the system. This is normally located in C:\Documents and Settings\username that installed ACS> \Application\Data\Microsoft\Crypto\RSA.
There will be one or more files will be very long filenames hexdecimal. You must identify the right one.
Open a command prompt in that folder and type "findstr /I CiscoSecure *.» ' * ' - the file name that appears should be the
old container of ACS.
Let me know if you will be able to search for any file.
~ BR
Jatin kone* Does the rate of useful messages *.
-
Integration of Cisco ACS and Cisco NAC Manager - downloadable ACLs
Hello
I have Setup Cisco NAC in my environment. These are all works well. The users themselves will get authenticated via Cisco NAC Manager. The Cisco NAC Manager meets with Cisco ACS for the part of the user database. These are all works well. I would like to activate downloadable ACLs. I tried to use the CISCO-AV-PAIR method and creating a downloadable ACL entry in the shared components, but nothing works. It's either I'm doing wrong or this configuration of the mine does not support downloadable ACLs? Please advice kindly.
Kind regards
RAM
+ 6 012-2918870
Hello
It is not possible.
You cannot push the ACL in the NAC manager.
If you make the Radius of NAC authentication manager, you can do is create roles the NAC Manager, and on the roles you define traffic strategies.
Using the Radius attributes you can then map users to roles.
Please, take a look at this:
HTH,
Tiago
--
If this helps you or answers to your question if it you please mark it as 'responded' or write it down, if other users can easily find it.
-
Upgrade to Cisco acs 1120 to 4.2.1.15 help
Hi all
I downgrade of cisco device 1120 DCC acs 4.2.0.124 5.0, I need to upgrade to acs 4.2.1.15. Is device 1120 cisco acs supports 4.2.1.15, how do I upgrade 4.2.0.124 4.2.1.15.
There are any server distribution for the upgrade. Please suggest on this, thank you
Yes, you can upgrade it to 4.2.1.15 and you can download the version from the link below listed;
http://Tools.Cisco.com/Squish/d4e4A
Here are the files you need to download:
ACSse-Upgrade-Pkg-acs-v4.2.1.15-K9.zip
ACSse-Upgrade-Pkg-appl-mng-v4.2.1.15-K9.zip
: Note apply the upgrade of management first and then software update. ..
Distribution server is a machine where you can download the patch on the Cisco Secure ACS Appliance, so if you download the version on your laptop and download then only one distributor (nothing special)
Upgrade an application of 4.2.1.15
I hope this helps.
Rgds, jousset
Note the useful posts ~
-
Hello
Is ACS 4.2 a product multi-vendor can I authenticate (AAA) of no cisco Cisco ACS 4.2 devices.
Thank you
Hello
Yes, you can have AAA for multi vendor device if it supports RADIUS or GANYMEDE and we have VSA right for this.
Thank you
Waris Hussain. -
[Cisco ACS 5.2] EAP - TLS authentication failure
What we are e
Hello
I set up a WiFi connection on Windows XP and Windows 7 with EAP - TLS (using Cisco WLC 7.0.235.3 and Cisco ACS 5.2.0.26.10). It is configured with the authentication of the computer and computer certificates are automatically registered for Microsoft PKI.
It works well!
Now, I configured Windows 8 with the same configuration.
First authentication works, but if I manually disconnect and reconnect, I got this error on ACS: 22047 username main attribute is missing from the client certificate
In the EAP packets, we could see that Windows 8 sent a TLS session but ticket session has not properly taken over by ACS...
Configuration of the ACS, we checked the option "enable EAP - TLS Session resume' with the session timeout"7200 ".
I found this bug
http://Tools.Cisco.com/support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId= CSCtn26538& from = summary
It seems to be my problem but the reboot does not work in my case...
It is set at 5.3 (0.40.2).
I plan to install version 5.4.
Do you know if this fix is supported by 5.4?
Thanks for your help,
Patrick
Hi Patrick,
What is set in point 5.3 must be set in point 5.4.
Even if the same issue appeared with 5.4 there an ID different bug and identified as an independent issue (with different causes, usually)
HTH
Amjad
Rating of useful answers is more useful to say "thank you".
-
The upgrade to Cisco ACS SE and Remote Agent
Hello
Currently we are upgrading the PDC to Windows Server 2008, Standard Edition R2.
I am little confused with information available for upgrade scenarios. Appearing on the current working versions.
Cisco ACS SE - version 4.1 Build 23 5 Patch 1
Cisco ACS Remote Agent version 4.2 (0.124)
The new operating system will work on 64-bit, I think that the current ACE SE and the remote agent can / must be upgraded.
My existing versions, give the possible scenarios of upgrade available for me. After that upgraded SE and Remote Agent should work for the 64 bit OS.
Thanks in advance!
Yes, it is not possible to upgrade the ACS ACS 5.2 existing to level 4.1. They are two different boxes run on a different platform.
Unfortunately ACS 4.x does not support windows 2008 r2.
5.2 ACS is the only option left, and you will need to buy a new box of seprate with the new licnese for this.
Concerning
Bellefroid
Note the useful messages
-
Cisco ACS 5.3 several AD domains
Hello everyone
I have a quick question about Cisco ACS 5.3 and multi domain authentication. How exactly is it treated?
Can I join more than one field with the ACS server? Or do I still need to configure this two-way trust between forests AD relationship (even with GBA 5.3)?
Thank you
Markus
Hello
You can join only acs to a single domain. Here's a thread that will help you identify the confidence you will need to get this working.
https://supportforums.Cisco.com/thread/2162234
Thank you
Tarik Admani
Please evaluate the useful messages
Sent by Cisco Support technique iPad App
-
Version of Cisco ACS 1121 5.3 - logging
Hello
I am new to Cisco ACS 5.X. What I've read, the Cisco ACS can act as a logging server. Does this mean, all messages from syslog to all other network and ACS devices can be stored by ACS? I'm a little confused on that part.
Finally, I understand that Cisco ACS has many or perhaps 2 instances? When we use these instance? What is this instance?
Kind regards
RAM
In the deployment, you must specify an acs as the Logcollector server. All other servers send the logs to the Logcollecter.
http://www.Cisco.com/en/us/docs/net_mgmt/cisco_secure_access_control_sys...
In a distributed deployment, each acs server is an instance. If you have a main instance and multiple secondary instances.
http://www.Cisco.com/en/us/docs/net_mgmt/cisco_secure_access_control_sys...
Sent by Cisco Support technique iPad App
Maybe you are looking for
-
Hello I have a 27 "iMac late 2015, retina - 5 k, bought a few months ago and El Capitan (OS X 10.11.5) running I recently bought a 10 Windows in order to create a dual boot. Of course, as I write here, it did not work. I tried everything I could. Fir
-
I have Windows 7 and when I upgraded to FF 23.0.1 I started having issues running FF. He gets hungup and broken, even in safe mode. I went down to 22 FF and the problem disappeared, but he maintains the upgrade to 23 even if I put this does NOT autom
-
Question about upgrading HDD on Satellite Pro U200-128
Hello I want to spend my laptop U200-128 HARD drive. What is the maximum size of HARD drive that can be used? Is it possible to use the 250 GB HARD drive? My current BIOS version is 3.7 Thank you
-
Satellite Pro L10 - wireless network card is not detected in Win7
Hello I have a dual boot with XP and Win7 Pro. If I install the wireless driver from the download on XP site, no problem. I tried the same procedure using the download wireless driver on the partition Win7 using a) driver XP b) driver Vista & c) the
-
CD/DVD drive icon disappeared-> not displayed in MY COMPUTER
Hello When I go into MY COMPUTER the icon of the CD/DVD drive is not there. Does anyone know how to get it back? Thank you