Cisco NAC3350-PROF-K9 Hardware Installation Guide - Page 159
Failing Over an HA-CAS Pair, Device Management > CCA Servers > List of Servers, List of Servers
View all Cisco NAC3350-PROF-K9 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 159 highlights
Chapter 4 Configuring High Availability (HA) Installing a Clean Access Server High Availability Pair 2. Open the Clean Access Manager administration console. 3. Go to Device Management > CCA Servers > List of Servers. The Active CAS of a high-availability pair is displayed in brackets next to the Service IP for the pair, as shown in Figure 4-17. Since the HA-Primary CAS is turned off, the IP address of the HA-Secondary CAS should appear in brackets in the List of Servers with a status of Connected. Figure 4-17 Active CAS in an HA-Pair 4. Click the Manage button for the pair. The management pages of the HA-Secondary CAS (now the Active CAS) should appear. 5. From a client computer connected to the Clean Access Server's untrusted interface, test the configuration by trying to log on to the untrusted (managed) network as an authorized user. If successful, remain logged on and proceed to the next step. Failing Over an HA-CAS Pair To test your HA system, use the following steps: 1. Turn on the HA-Primary CAS machine. Make sure that the CAS is fully started and functioning before proceeding. 2. From the client computer, log off the user's session and try to log onto the untrusted (managed) network again as the user. 3. The HA-Secondary CAS should still be active and providing services for the user. 4. Shut down the HA-Secondary CAS machine. Note Cisco recommends "shutdown" or "reboot" on the machine to test failover, or, if a CLI command is preferred, service perfigo stop and service perfigo start. For a Virtual Gateway CAS, use service perfigo maintenance instead to bring the CAS to maintenance mode and allow network connectivity to the management VLAN. See Useful CLI Commands for HA, page 4-43 for details. 5. After about 15 seconds, you should be able to continue browsing, with the HA-Primary CAS becoming the Active server and providing the service. 6. Turn on the HA-Secondary CAS machine (the standby server). 7. Check the event log on the Clean Access Manager. It should correctly indicate the status of the Clean Access Servers (e.g., "rjcas_1 is dead. rjcas_2 is up"). 8. Testing of the high availability configuration is now complete. OL-20326-01 Cisco NAC Appliance Hardware Installation Guide 4-39