Cisco Cisco NAC Appliance 4.1.0
![Cisco](https://files.manualsbrain.com/attachments/7380d0050044647c30f5c24bbbf5d0c0b6d9bb84/common/fit/150/50/faa183d287233c52228cfea3dbc2a127fe780f60564fcb0955d9c3d1cd23/brand_logo.png)
13-18
Cisco NAC Appliance - Clean Access Server Installation and Administration Guide
OL-12213-01
Chapter 13 Configuring High Availability (HA)
Configure High Availability
Connect the Clean Access Servers and Complete the Configuration
1.
Shut down the HA-Primary CAS machine and connect the
caserver10
and
caserver12
machines
using a serial null modem cable (connecting available serial ports) and/or a crossover cable
(connecting Ethernet ports if using a third Ethernet interface such as eth2 for failover).
(connecting Ethernet ports if using a third Ethernet interface such as eth2 for failover).
2.
Open the Clean Access Manager administration console.
3.
Go to Device Management > CCA Servers > List of Servers. The Active CAS of a
high-availability pair is displayed in brackets next to the Service IP for the pair, as shown in
high-availability pair is displayed in brackets next to the Service IP for the pair, as shown in
. Since the HA-Primary CAS is turned off, the IP address of the HA-Secondary CAS
should appear in brackets in the List of Servers with a status of Connected.
Figure 13-9
Active CAS in an HA-Pair
4.
Click the Manage button for the pair. The management pages of the HA-Secondary CAS (now the
Active CAS) should appear.
Active CAS) should appear.
5.
Configure the DHCP Server settings so that they match the DHCP settings of the HA-Primary CAS.
If the HA-CAS pair operates as a DHCP server, follow the steps in
If the HA-CAS pair operates as a DHCP server, follow the steps in
to allow the peer Clean Access Servers to keep DHCP information in synchronization
6.
From a client computer connected to the Clean Access Server’s untrusted interface, test the
configuration by trying to log on to the untrusted (managed) network as an authorized user. If
successful, remain logged on and proceed to the next step.
configuration by trying to log on to the untrusted (managed) network as an authorized user. If
successful, remain logged on and proceed to the next step.
Active CAS
Service IP