Cisco Secure ACS Replication Problem

Posted on 2014-03-18
Last Modified: 2014-04-11
Hello Experts,

We're having a problem getting our primary Cisco Secure ACS, UK-SU-AP091 to replicate with our secondary Cisco Secure ACS, UK-SU-AP092. The version of ACS is 5.2. See attachment.

Any help will be greatly appreciated.


Question by:cpatte7372
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 2

Author Comment

ID: 39937153
Forgot the attachment

Author Comment

ID: 39937374

As you can see from the attached, the replication is stuck in pending..

Any help will be greatly appreciated...


Author Comment

ID: 39937492

We're scratching our heads why the secondary server keeps on saying offline....
Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.


Author Comment

ID: 39937958
Can I get some help here?
LVL 46

Accepted Solution

Craig Beck earned 500 total points
ID: 39939718
I remember something about this being a cosmetic issue a while back.

If you make a change on the primary then immediately check the replication status does it come back online, then go offline a few minutes later?

Author Comment

ID: 39941830
Hi Craig,

Thanks for getting back to me.

You suggestion may well be correct, however it happens to fast to be able to tell.

How have you dealt with this problem in the past?

Cheers mate.
LVL 46

Expert Comment

by:Craig Beck
ID: 39941862
I haven't actually seen this with 5.2, only 5.1, but Cisco said it was cosmetic and that the replication would happen, just that the secondary would look like it's offline after a couple of minutes due to a bug.

If you note the replication ID then make a change, check the replication ID a few seconds/minutes later.  If the ID increments that usually means that replication was successful.

In the end we upgraded to 5.4 though as the customer wasn't happy with seeing the secondary look like it was offline all the time.

Author Closing Comment

ID: 39993999

Featured Post

Major Incident Management Communications

Major incidents and IT service outages cost companies millions. Often the solution to minimizing damage is automated communication. Find out more in our Major Incident Management Communications infographic.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

New Server  was moved from behind Router R2 f0/1 to behind router R1 int f/01 and has now address But we want users still to be able to connected to it by old IP. How to do it ? We can used destination NAT (DNAT).  In DNAT…
I have seen some questions on problems with SSH/telnet access to Cisco routers that may occur despite the fact that from a PC connected to your LAN, Internet connectivity is in place and users can access Internet sites without any issues.  There are…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question