8-15
User Guide for Cisco Secure ACS for Windows Server
78-14696-01, Version 3.1
Chapter 8 Establishing Cisco Secure ACS System Configuration
CiscoSecure Database Replication
Cisco Secure ACS every time it runs. Therefore, a large database results in
substantial amounts of data being transferred, and the processing overhead can
also be large.
Important Implementation Considerations
You should consider several important points when you implement the
CiscoSecure Database Replication feature:
•
Cisco Secure ACS only supports database replication to other
Cisco Secure ACSes. All Cisco Secure ACSes participating in CiscoSecure
database replication must run the same version of Cisco Secure ACS. We
strongly recommend that Cisco Secure ACSes involved in replication use the
same patch level, too.
•
You must ensure correct configuration of the AAA Servers table in all
Cisco Secure ACSes involved in replication.
–
In its AAA Servers table, a primary Cisco Secure ACS must have for
each of its secondary Cisco Secure ACS an accurately configured entry.
–
In its AAA Servers table, a secondary Cisco Secure ACS must have for
each of its primary Cisco Secure ACSes an accurately configured entry.
–
On a primary Cisco Secure ACS and all its secondary
Cisco Secure ACSes, the AAA Servers table entries for the primary
Cisco Secure ACS must have identical shared secrets.
•
Only suitably configured, valid Cisco Secure ACSes can be secondary
Cisco Secure ACSes. To configure a secondary Cisco Secure ACS for
database replication, see
Configuring a Secondary Cisco Secure ACS,
page 8-21
.
•
Replication to secondary Cisco Secure ACSes takes place sequentially in the
order listed in the Replication list under Replication Partners on the
CiscoSecure Database Replication page.
•
A secondary Cisco Secure ACS receiving replicated components must be
configured to accept database replication from the primary
Cisco Secure ACS. To configure a secondary Cisco Secure ACS for database
replication, see
Configuring a Secondary Cisco Secure ACS, page 8-21
.