Published On: August 6ᵗʰ, 2019 02:05

Installation and Upgrade Guide for Cisco Secure Access Control System 5.4

Preface

Revised: February 2, 2016, OL-26226-01

This guide describes the system requirements, installation, upgrade, configuration, troubleshooting, and maintenance process for the Cisco Secure Access Control System Release 5.4 (ACS 5.4).

ACS 5.4 consists of an ACS 5.4 server, the Cisco Application Deployment Engine operating system (ADE-OS), and ACS 5.4 software.

The ADE-OS and ACS 5.4 software run on either a dedicated Cisco 1121 Secure Access Control System Series appliance (CSACS-1121), or a dedicated Cisco 3415 Secure Access Control System Series appliance (SNS-3415), or on a VMware server. However, ACS 5.4 continues to support CSACS-1120 appliances that you have used for ACS 5.2 and that you would like to upgrade to ACS 5.4.

For virtual machine (VM)-based installations, you need to configure the VM environment to meet minimal system requirements, as well as install the ACS 5.4 software. The supported VMware version is ESXi 5.0. From patch 3 onwards, ACS 5.4 supports ESXi 5.1.

ACS 5.4 is compatible with ADE-OS 2.x. If you are using ACS 5.1, you must upgrade to this ADE-OS version as part of the ACS 5.4 upgrade.

Warranty, service, and support information is located in the Cisco Information Packet that shipped with your appliance.

Audience

This guide is designed for personnel who install and configure the CSACS-1121 appliance or SNS-3415 appliance and install ACS 5.4 software on the CSACS-1121 appliance, or on SNS-3415 appliance, or on a VMware server, or who perform upgrades to ACS 5.4 with CSACS-1120 appliance, CSACS-1121, or a VMware server.

To use this hardware publication, you should be familiar with networking equipment and cabling and should have a basic knowledge of electronic circuitry and wiring practices.

Warning Only trained and qualified personnel should be allowed to install, replace, or service this equipment. Statement 1030

Document Organization

This guide contains:

Chapter 1, “Understanding the ACS Server Deployment”—Provides an overview of ACS server deployments and their components. Read this chapter for planning a new ACS deployment.
Chapter 2, “Introducing the Cisco 1121 Secure Access Control System Hardware”—Provides an overview of CSACS-1121 hardware.
Chapter 3, “Preparing to Install the Cisco 1121 Secure Access Control System Hardware”—Describes the safety instructions, site requirements, and tasks to perform before installing CSACS-1121.
Chapter 4, “Installing the Cisco 1121 Secure Access Control System Hardware”—Provides instructions on rack-mounting configuration, mounting CSACS-1121, connecting cables, powering up the appliance, and removing and replacing the appliance.
Chapter 5, “Installing and Configuring the Cisco Secure Access Control System with CSACS-1121”—Describes how to install ACS for the first time with CSACS-1121.
Chapter 6, “Introducing the Cisco SNS 3415 Hardware Appliance”—Provides an overview of SNS-3415 hardware.
Chapter 7, “Preparing to Install the Cisco Secure Access Control System SNS 3415 Hardware”—Describes the safety instructions, site requirements, and tasks to perform before installing SNS-3415.
Chapter 8, “Installing the Cisco SNS 3415 Hardware Appliance”—Provides instructions on rack-mounting configuration, mounting SNS-3415, connecting cables, powering up the appliance, and removing and replacing the appliance.
Chapter 9, “Installing and Configuring Cisco Secure Access Control System with SNS-3415”—Describes how to install ACS for the first time with SNS-3415.
Chapter 10, “Installing ACS in a VMware Virtual Machine”—Describes how to install ACS using VMware ESX.
Chapter 11, “Upgrading the Cisco Secure Access Control System”—Describes how to upgrade an ACS server from 5.3 to 5.4 and how to upgrade an ACS 5.3 deployment to 5.4.
Chapter 12, “Post-Installation Tasks”—Provides information on installing an ACS license and a list of configuration tasks to perform after installation.
Appendix 1, “Troubleshooting” —Provides some techniques for troubleshooting the initial CSACS-1121 startup.
Appendix 1, “Site Log” —Provides recommendations for maintaining a site log to record all actions related to installing and maintaining CSACS-1121.
Appendix C, “Maintaining the CSACS-1121 and SNS-3415 Appliances” —Provides recommendations on maintaining the CSACS-1121 Series appliance after installation.

Installation, Upgrade, and Migration Scenarios

Table 1 lists some common scenarios to use for the installation, upgrade, or migration to ACS 5.4. For each of the scenarios, references to the respective chapters or guides are provided in the order that you must follow.

Table 1 Installation, Upgrade, and Migration Scenarios

Scenario	Reference
Installing ACS for the first time using the CSACS-1121 appliance	1. Chapter 2, “Introducing the Cisco 1121 Secure Access Control System Hardware” 2. Chapter 3, “Preparing to Install the Cisco 1121 Secure Access Control System Hardware” 3. Chapter 4, “Installing the Cisco 1121 Secure Access Control System Hardware” 4. Chapter 5, “Installing and Configuring the Cisco Secure Access Control System with CSACS-1121” 5. Chapter 12, “Post-Installation Tasks”
Installing ACS for the first time using the SNS-3415 appliance	1. Chapter 6, “Introducing the Cisco SNS 3415 Hardware Appliance” 2. Chapter 7, “Preparing to Install the Cisco Secure Access Control System SNS 3415 Hardware” 3. Chapter 8, “Installing the Cisco SNS 3415 Hardware Appliance” 4. Chapter 9, “Installing and Configuring Cisco Secure Access Control System with SNS-3415” 5. Chapter 12, “Post-Installation Tasks”
Installing ACS for the first time with a VMware server	1. Chapter 10, “Installing ACS in a VMware Virtual Machine” 2. Chapter 12, “Post-Installation Tasks”
Upgrading from ACS 5.2/5.3 to 5.4	1. Chapter 11, “Upgrading the Cisco Secure Access Control System”
Migrating from ACS 4.2 on the same hardware platform (CSACS-1120 Series appliance)	1. Back up the ACS 4.2 data from the CSACS-1120 Series appliance and restore the data on an intermediate migration machine. This intermediate migration machine must be a Windows server. See the ACS 5.4 Migration Guide at: http://www.cisco.com/en/US/docs/net_mgmt/ cisco_secure_access_control_system/5.4/migration/guide/ migration_guide.html 2. Perform a clean installation of ACS 5.4 on the CSACS-1120 appliance. See Chapter5, “Reimaging the ACS Server” 3. Perform migration of data from ACS 4.2 to ACS 5.4 according to the instructions that are provided in the ACS 5.4 Migration Guide. See: http://www.cisco.com/en/US/docs/net_mgmt/ cisco_secure_access_control_system/5.4/ migration/guide/migration_guide.html.
Migrating from ACS 4.2 on a different hardware platform	1. Perform initial installation of ACS 5.4 on a CSACS-1121 Series appliance or SNS-3415 Series appliance or VMware server. – To install ACS 5.4 on a CSACS-1121 appliance, see Chapter5, “Installation Using the CSACS-1121 Series Appliance” – To install ACS 5.4 on a SNS-3415 appliance, see Chapter9, “Installation Using the SNS-3415 Appliance” – To install ACS 5.4 on a VMware server, see Chapter10, “Installing ACS in a VMware Virtual Machine” 2. Perform migration of data from ACS 4.2 to ACS 5.4 according to the instructions that are provided in the ACS 5.4 Migration Guide. See: http://www.cisco.com/en/US/docs/net_mgmt/ cisco_secure_access_control_system/5.4/migration/ guide/migration_guide.html.

Document Conventions

This guide uses the following conventions to convey instructions and information.

Item	Convention
Commands, keywords, special terminology, and options that should be selected during procedures	boldface font
Variables for which you supply values and new or important terminology	italic font
Displayed session and system information, paths and file names	`screen` font
Information you enter	boldface screen font
Variables you enter	italic screen font
Menu items and button names	boldface font
Indicates menu items to select, in the order you select them.	Option > Network Preferences

Note Means reader take note. Notes contain helpful suggestions or references to material not covered in the manual.

Caution

Means reader be careful. In this situation, you might do something that could result in equipment damage or loss of data.

Safety Warnings

Safety warnings appear throughout this publication in procedures that, if performed incorrectly, might harm you. A warning symbol precedes each warning statement. The safety warnings provide safety guidelines that you should follow when working with any equipment that connects to electrical power or telephone wiring. Included in the warnings are translations in several languages.

For detailed information about compliance guidelines and translated safety warnings, see Regulatory Compliance and Safety Information for Cisco Secure Access Control System.

Warning	IMPORTANT SAFETY INSTRUCTIONS This warning symbol means danger. You are in a situation that could cause bodily injury. Before you work on any equipment, be aware of the hazards involved with electrical circuitry and be familiar with standard practices for preventing accidents. Use the statement number provided at the end of each warning to locate its translation in the translated safety warnings that accompanied this device. Statement 1071 SAVE THESE INSTRUCTIONS
Waarschuwing	BELANGRIJKE VEILIGHEIDSINSTRUCTIES Dit waarschuwingssymbool betekent gevaar. U verkeert in een situatie die lichamelijk letsel kan veroorzaken. Voordat u aan enige apparatuur gaat werken, dient u zich bewust te zijn van de bij elektrische schakelingen betrokken risico's en dient u op de hoogte te zijn van de standaard praktijken om ongelukken te voorkomen. Gebruik het nummer van de verklaring onderaan de waarschuwing als u een vertaling van de waarschuwing die bij het apparaat wordt geleverd, wilt raadplegen. BEWAAR DEZE INSTRUCTIES
Varoitus	TÄRKEITÄ TURVALLISUUSOHJEITA Tämä varoitusmerkki merkitsee vaaraa. Tilanne voi aiheuttaa ruumiillisia vammoja. Ennen kuin käsittelet laitteistoa, huomioi sähköpiirien käsittelemiseen liittyvät riskit ja tutustu onnettomuuksien yleisiin ehkäisytapoihin. Turvallisuusvaroitusten käännökset löytyvät laitteen mukana toimitettujen käännettyjen turvallisuusvaroitusten joukosta varoitusten lopussa näkyvien lausuntonumeroiden avulla. SÄILYTÄ NÄMÄ OHJEET
Attention	IMPORTANTES INFORMATIONS DE SÉCURITÉ Ce symbole d'avertissement indique un danger. Vous vous trouvez dans une situation pouvant entraîner des blessures ou des dommages corporels. Avant de travailler sur un équipement, soyez conscient des dangers liés aux circuits électriques et familiarisez-vous avec les procédures couramment utilisées pour éviter les accidents. Pour prendre connaissance des traductions des avertissements figurant dans les consignes de sécurité traduites qui accompagnent cet appareil, référez-vous au numéro de l'instruction situé à la fin de chaque avertissement. CONSERVEZ CES INFORMATIONS
Warnung	WICHTIGE SICHERHEITSHINWEISE Dieses Warnsymbol bedeutet Gefahr. Sie befinden sich in einer Situation, die zu Verletzungen führen kann. Machen Sie sich vor der Arbeit mit Geräten mit den Gefahren elektrischer Schaltungen und den üblichen Verfahren zur Vorbeugung vor Unfällen vertraut. Suchen Sie mit der am Ende jeder Warnung angegebenen Anweisungsnummer nach der jeweiligen Übersetzung in den übersetzten Sicherheitshinweisen, die zusammen mit diesem Gerät ausgeliefert wurden. BEWAHREN SIE DIESE HINWEISE GUT AUF.
Avvertenza	IMPORTANTI ISTRUZIONI SULLA SICUREZZA Questo simbolo di avvertenza indica un pericolo. La situazione potrebbe causare infortuni alle persone. Prima di intervenire su qualsiasi apparecchiatura, occorre essere al corrente dei pericoli relativi ai circuiti elettrici e conoscere le procedure standard per la prevenzione di incidenti. Utilizzare il numero di istruzione presente alla fine di ciascuna avvertenza per individuare le traduzioni delle avvertenze riportate in questo documento. CONSERVARE QUESTE ISTRUZIONI
Advarsel	VIKTIGE SIKKERHETSINSTRUKSJONER Dette advarselssymbolet betyr fare. Du er i en situasjon som kan føre til skade på person. Før du begynner å arbeide med noe av utstyret, må du være oppmerksom på farene forbundet med elektriske kretser, og kjenne til standardprosedyrer for å forhindre ulykker. Bruk nummeret i slutten av hver advarsel for å finne oversettelsen i de oversatte sikkerhetsadvarslene som fulgte med denne enheten. TA VARE PÅ DISSE INSTRUKSJONENE
Aviso	INSTRUÇÕES IMPORTANTES DE SEGURANÇA Este símbolo de aviso significa perigo. Você está em uma situação que poderá ser causadora de lesões corporais. Antes de iniciar a utilização de qualquer equipamento, tenha conhecimento dos perigos envolvidos no manuseio de circuitos elétricos e familiarize-se com as práticas habituais de prevenção de acidentes. Utilize o número da instrução fornecido ao final de cada aviso para localizar sua tradução nos avisos de segurança traduzidos que acompanham este dispositivo. GUARDE ESTAS INSTRUÇÕES
¡Advertencia!	INSTRUCCIONES IMPORTANTES DE SEGURIDAD Este símbolo de aviso indica peligro. Existe riesgo para su integridad física. Antes de manipular cualquier equipo, considere los riesgos de la corriente eléctrica y familiarícese con los procedimientos estándar de prevención de accidentes. Al final de cada advertencia encontrará el número que le ayudará a encontrar el texto traducido en el apartado de traducciones que acompaña a este dispositivo. GUARDE ESTAS INSTRUCCIONES
Varning!	VIKTIGA SÄKERHETSANVISNINGAR Denna varningssignal signalerar fara. Du befinner dig i en situation som kan leda till personskada. Innan du utför arbete på någon utrustning måste du vara medveten om farorna med elkretsar och känna till vanliga förfaranden för att förebygga olyckor. Använd det nummer som finns i slutet av varje varning för att hitta dess översättning i de översatta säkerhetsvarningar som medföljer denna anordning. SPARA DESSA ANVISNINGAR





Aviso	INSTRUÇÕES IMPORTANTES DE SEGURANÇA Este símbolo de aviso significa perigo. Você se encontra em uma situação em que há risco de lesões corporais. Antes de trabalhar com qualquer equipamento, esteja ciente dos riscos que envolvem os circuitos elétricos e familiarize-se com as práticas padrão de prevenção de acidentes. Use o número da declaração fornecido ao final de cada aviso para localizar sua tradução nos avisos de segurança traduzidos que acompanham o dispositivo. GUARDE ESTAS INSTRUÇÕES
Advarsel	VIGTIGE SIKKERHEDSANVISNINGER Dette advarselssymbol betyder fare. Du befinder dig i en situation med risiko for legemesbeskadigelse. Før du begynder arbejde på udstyr, skal du være opmærksom på de involverede risici, der er ved elektriske kredsløb, og du skal sætte dig ind i standardprocedurer til undgåelse af ulykker. Brug erklæringsnummeret efter hver advarsel for at finde oversættelsen i de oversatte advarsler, der fulgte med denne enhed. GEM DISSE ANVISNINGER

Product Documentation

Note The printed and electronic documentation is sometimes updated after original publication. Therefore, you should also review the documentation on http://www.cisco.com for any updates.

Table 2 lists the product documentation that is available for ACS 5.4 on Cisco.com. To find end-user documentation for all products on Cisco.com, go to: http://www.cisco.com/go/techdocs

Select Products > Security > Access Control and Policy > Policy and Access Management > Cisco Secure Access Control System > Cisco Secure Access Control System 5.4.

Table 2 Product Documentation

Document Title	Available Formats
Cisco Secure Access Control System In-Box Documentation and China RoHS Pointer Card	http://www.cisco.com/en/US/products/ps9911/ products_documentation_roadmaps_list.html
Migration Guide for Cisco Secure Access Control System 5.4	http://www.cisco.com/en/US/products/ps9911/ prod_installation_guides_list.html
User Guide for Cisco Secure Access Control System 5.4	http://www.cisco.com/en/US/products/ps9911/ products_user_guide_list.html
CLI Reference Guide for Cisco Secure Access Control System 5.4	http://www.cisco.com/en/US/products/ps9911/ prod_command_reference_list.html
Supported and Interoperable Devices and Software for Cisco Secure Access Control System 5.4	http://www.cisco.com/en/US/products/ps9911/ products_device_support_tables_list.html
Release Notes for Cisco Secure Access Control System 5.4	http://www.cisco.com/en/US/products/ps9911/ prod_release_notes_list.html
Software Developer’s Guide for Cisco Secure Access Control System 5.4	http://www.cisco.com/en/US/products/ps9911/ products_programming_reference_guides_list.html
Regulatory Compliance and Safety Information for Cisco Secure Access Control System 5.4	http://www.cisco.com/en/US/docs/net_mgmt/ cisco_secure_access_control_system/5.4/ regulatory/compliance/csacsrcsi.html

Documentation Updates

Table 3 lists the updates to the Installation and Upgrade Guide for Cisco Secure Access Control System 5.4.

Table 3 Updates to the Installation and Upgrade Guide for Cisco Secure ACS 5.4

Date	Description
10/30/2012	Updated the guide with Cisco 3415 Secure Access Control System information.
10/23/2012	Cisco Secure Access Control System, Release 5.4

Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, using the Cisco Bug Search Tool (BST), submitting a service request, and gathering additional information, see What’s New in Cisco Product Documentation at: http://www.cisco.com/c/en/us/td/docs/general/whatsnew/whatsnew.html.

Subscribe to What’s New in Cisco Product Documentation, which lists all new and revised Cisco technical documentation as an RSS feed and delivers content directly to your desktop using a reader application. The RSS feeds are a free service.