Cisco Cisco NAC Appliance 4.1.0
C H A P T E R
13-1
Cisco NAC Appliance - Clean Access Server Installation and Administration Guide
OL-12213-01
13
Configuring High Availability (HA)
This chapter describes how to set up two Clean Access Servers in high availability (HA) mode.By
deploying Clean Access Servers in high-availability mode, you can ensure that important user
authentication and connection tasks continue in the event of an unexpected shutdown. Topics include:
deploying Clean Access Servers in high-availability mode, you can ensure that important user
authentication and connection tasks continue in the event of an unexpected shutdown. Topics include:
•
•
•
•
•
•
•
•
•
•
Overview
The following key points provide a high-level summary of HA-CAS operation:
•
The Clean Access Server high-availability mode is an Active/Passive two-server configuration in
which a standby CAS machine acts as a backup to an active CAS machine.
which a standby CAS machine acts as a backup to an active CAS machine.
•
The active CAS performs all tasks for the system. Since most of the CAS configuration is stored on
the CAM, when CAS failover occurs, the CAM pushes the configuration to the newly-active CAS.
the CAM, when CAS failover occurs, the CAM pushes the configuration to the newly-active CAS.
•
The standby CAS does not forward any packets between its interfaces.
•
The standby CAS monitors the health of the active CAS via heartbeat interface (serial and/or UDP).
Heartbeat packets can be sent on the serial interface, dedicated eth2 interface, or eth0 interface (if
an eth2 interface is not available).
Heartbeat packets can be sent on the serial interface, dedicated eth2 interface, or eth0 interface (if
an eth2 interface is not available).
•
The primary and secondary CAS machines exchange UDP heartbeat packets every 2 seconds. If the
heartbeat timer expires, stateful failover occurs.
heartbeat timer expires, stateful failover occurs.