Manuals / Brands / Photography / Security Camera / Cisco Systems / Photography / Security Camera

Cisco Systems OL-15986-01 Replication and High Availability, Setting up replication

1 134

Download 134 pages, 3.36 Mb

CHAPTE R

12-1

Cisco NAC Guest Server Installation and Configuration Guide

OL-15986-01

12

Replication and High Availability

To provide high availability, the Cisco NAC Guest Server solution can be configured so that a pair of

units synchronize their databases between one another. This provides the ability for the solution to carry

on working in the event of loss of connectivity or failure to a single unit.

High availability is provided in an active/active scenario, where both Cisco NAC Guest Servers can

service requests from sponsors or network devices at the same time. This capability also allows you to

load balance the requests between the boxes.

Note For load balancing external load balancers must be used to load balance the web interface. RADIUS

requests can also be load balanced via external load balancers or by configuration.

This chapter includes the following sections:

• Setting up replication

• Configuring Provisioning

• Replication Status

• Recovering from Failures

• Deployment Considerations

Setting up replication

Initial replication is configured by setting one of the Cisco NAC Guest Servers to copy all of the data

from the other Guest Server. The Guest Server that is configured to copy the data from the ot her device

will be first set to delete all its own data. This ensures that no conflicts exist. Cisco recommends setting

up replication at initial install time of Cisco NAC Guest Server, or when adding a new Guest Server to

an existing implementation.

Warning

All Data on one of the Guest Servers will be overwritten. If you have data that is needed on both Guest

Servers then you should not configure replication as you will loose data.

Once one of the Guest Servers has received a copy of the data from the other device they are

synchronized and replication is turned on. Any data that is updated on one Guest Server is then

automatically replicated to the other Guest Server.

All communication between the Cisco NAC Guest Servers is encrypted using SSL and runs over TCP

destination port 5432.

Contents

Main Cisco NAC Guest Server Installation and Configuration Guide Page CONTENTS Page Page Page Page Page About This Guide Audience Purpose Document Conventions Product Documentation Obtaining Documentation and Submitting a Service Request Welcome to Cisco NAC Guest Server Introduction Guest Access Concepts Before You Start Package Contents Rack Mounting Cisco NAC Guest Server Licensing Upgrading Firmware Additional Information Installing Cisco NAC Guest Server Connecting the Cisco NAC Guest Server Page Command Line Configuration Configure IP Address and Default Gateway Page Change Root Password Re-Imaging the Appliance Page Page System Setup Accessing the Administration Interface Obtain and Install Cisco NAC Guest Server License Access Cisco NAC Guest Server Administration Interface Configuring Network Settings Date and Time Settings Page SSL Certificate Accessing the Guest Server using HTTP or HTTPS Generating Temporary Certificates/ CSRs/ Private Key Downloading Certificate Files Downloading the CSR and Certificate Downloading the Private Key Upload Certificate Files Configuring Administrator Authentication Add New Admin Account Edit Existing Admin Account Page Delete Existing Admin Account Page Configuring Sponsor Authentication Configuring Local Sponsor Authentication Add New Local User Account Page Edit Existing User Account Delete Existing User Account Configuring Active Directory (AD) Authentication Add Active Directory Domain Controller Edit Existing Domain Controller Page Delete Existing Domain Controller Entry Configuring LDAP Authentication Page Add an LDAP Server Edit an Existing LDAP Server Page Delete an Existing LDAP Server Entry Configuring RADIUS Authentication Add a RADIUS Server Edit an Existing RADIUS Server Delete an Existing RADIUS Server Entry Configuring Sponsor Authentication Settings Changing the Order of Authentication Servers Sponsor Timeouts Page Configuring User Group Permissions Adding User Groups Page Page Editing User Groups Page Deleting User Groups Specifying the Order of User Groups Mapping to Active Directory Groups Mapping to LDAP Groups Page Mapping to RADIUS Groups Configuring Guest Policies Setting the Username Policy Setting the Password Policy Setting the Guest Details Policy Page Integrating with Cisco NAC Appliance Adding Clean Access Manager Entries Page Editing Clean Access Manager Entries Deleting Clean Access Manager Entries Configuring the CAM for Reporting Adding a RADIUS Accounting Server Configure the CAM to Format RADIUS Accounting Data Page Page Configuring RADIUS Clients Overview Adding RADIUS Clients Editing RADIUS Clients Deleting RADIUS Clients Page Page Guest Account Notification Configuring Email Notification Configuring SMS Notification Page Customizing the Application User Interface Templates Adding a User Interface Template Editing a User Interface Template Page Editing the Print Template Editing the Email Template Editing the SMS Template Using Account Durations Deleting a Template Setting the Default Interface Mapping Setting User Default Redirection Page Backup and Restore Configuring Backup Settings Taking a snapshot Scheduling a Backup Restoring Backups Page Replication and High Availability Setting up replication Page Configuring Provisioning Replication Status Recovering from Failures Network Connectivity Device Failure Deployment Considerations Connectivity Load Balancing Web Interface RADIUS Interface Page Page Logging and Troubleshooting System Logging Log Files Downloading the log files Application Logging Email Logging RADIUS Logging Page Page Licensing Licensing Page Sponsor Documentation Introduction to Cisco NAC Guest Server Connecting to the Guest Server Page Page Creating Guest User Accounts Page Print Account Details Email Account Details Text Message Account Details (SMS) Multiple Guest Accounts Creating Multiple Accounts from Text Entry Creating Multiple Accounts from CSV File Creating Multiple Random Accounts Printing/Email/SMS Multiple Accounts Viewing Multiple Account Groups Viewing Multiple Account Groups Finding Multiple Account Groups by username Finding Multiple Account Groups on the Active Accounts Report. Editing Guest Accounts Suspending Guest Accounts Viewing Active Accounts and Resending Details Reporting on Guest Users Page APPENDIX A Open Source License Acknowledgements Notices OpenSSL/Open SSL Project License Issues