Installing Cisco ACS 5.x

In this blog we will see how to install Cisco ACS 5.x. We already know what it is and why we are using it for. After this installation blog, we will deal with its configuration in following blogs.

We can have the ACS in one of two flavours:

  • Hardware appliance
  • VMWare ESX 4.x/5.x virtual machine

We will deal with the VMWare, because it’s an era of virtualization Smile

Let’s begin with installation requirements:

  • VMWare ESX 4.x/5.x hypervisor
  • Virtual machine with:
    • 2 vCPU
    • 4 GB RAM
    • Minimum of 60GB space for testing and 150GB or more of space for production
    • 1 VMNIC
  • Installation ISO image downloaded from Cisco’s site

With versions prior 5.4 I believe that HDD requirements were terrible: 512GB of free disk space. And they said if you created a virtual disk with less than that, the ACS will actually use only 60GB??? From Cisco’s Installation guide for version 5.3:

“ACS calculates the available disk space during the installation process and if the disk space is less than 500GB, it will get installed with 60GB space”

For version to 5.4 it is still recommended for secondary instance to have more than 500GB of disk space, for a log collector service.

Also for version 5.4, the minimum required VMWare hypervisor is 5.0.

Let’s create a VM. We will use a custom configuration:

image

We give it a name. Mine is called “ACS51” because I will have second instance witch will be called “ACS52”. The actual version is 5.4:

image

Then we choose a cluster:

image

It’s now data store selection time. Make sure we have enough free storage space on a VMFS file system to create a disk within it:

image

Because we are installing this ACS on an ESXi 5.x, we may select “Virtual Machine Version: 8”:

image

Then we select “Linux – Other 2.6.x Linux (32-bit)”:

image

We choose two virtual sockets:

image

Select the memory to be 4GB:

image

We choose appropriate port group or VLAN:

image

For a SCSI controller, we may choose “LSI Logic Parallel”:

image

Although I didn’t find notice whether disk should be a “thin provisioned” or a “thick provisioned” maybe it’s good idea to choose “thick” for performance sake. We will create 256GB hard disk:

image

image

And finally, here is a review what we have set up:

image

Before we can power this VM on, we need to mount or attach an ISO image to it:

image

Finally, it’s time to power this VM on! If it does not boot, we may check the VMs BIOS settings in order to make sure that the VM actually will boot from CD/DVD and that CD/DVD drive is marked as “Connected at power on” under VM settings:

SNAGHTML5f44039

In the console window of the ACS virtual machine, we begin installation with option “[1]”:

SNAGHTML5f7f822

The installation can take some time, so I guess it’s time for a coffee break!

When installation process completes, the VM reboots and we have to type “setup” to begin the setup process. All that follows is just entering basic informations:

SNAGHTML607eff8

Now we wait some more. Yet another coffee Smile

Ok, the coffee is over because the ACS has rebooted. We can now ping it and access it via web browser with a HTTPS request pointing to its IP address. But before we do that, we may access the VM console or do a SSH to the ACS to verify the application status:

acs51/admin# show application status acs

The result of this command may say that “ACS is bussy applying a recent configuration change” or something like that. After a while we should see the different output:

acs51/admin#
acs51/admin# show application status acs

ACS role: PRIMARY

Process ‘database’                  running
Process ‘management’                running
Process ‘runtime’                   running
Process ‘ntpd’                      running
Process ‘view-database’             running
Process ‘view-jobmanager’           running
Process ‘view-alertmanager’         running
Process ‘view-collector’            running
Process ‘view-logprocessor’         running

acs51/admin#

Now we can  access it by web browser. And this is what it looks like:

image

The user name witch we must use is “ACSAdmin” with a default password “default”. Of course, we need to change it right away:

image

And the final step is installing appropriate license obtained from Cisco. Just click “Browse”, select and install a .LIC file:

image

Once we do so, our primary instance is ready to go:

image

In some later blogs, we are going to install a trusted certificate, setup a replica instance and many more.

Thanks for reading!


Advertisements
This entry was posted in AAA, ACS 5.x, ACS/RADIUS/TACACS, Cisco, VMWare and tagged , , , , , . Bookmark the permalink.

2 Responses to Installing Cisco ACS 5.x

  1. M.Jovanovic says:

    So, there´s no way to install it on Linux server, it´s got to be an appliance? VM or HW

    • Sasa says:

      You cannot install it directly on a Linux server. You can, however, install it on a Linux box, inside VMware Workstation. For testing purposes, of course. For production you should use ESXi or hardware appliance.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s