Danny, Depending on the criticality of having ACS operational (i.e. mission critical routers, etc), make sure you have a secondary ACS server in a seperate location. ACS does a very good job of replicating to a secondary server, and have a good system backup process in place. Also make sure your addressing is squared away and the secondary ACS IP wont change. We're grappling with that now. I support a global net with 600+ routers, 800+ switches. All the routers are in ACS and some of the switches. We're piloting CryptoCard for OTP access (due to security), and have had a few glitches. Another thing to keep in mind, have the router passwords archived somewhere and readily accessable, because sooner or later the ACS server will die, then what do you do!!! We're also using CW2K, does a great job of asset management, archiving the configs, syslogging, tracking config changes, etc. But so far not too great in pushing configs out. Just very leary of potentially having several hundred routers go belly up.
If you're interested, I can share our AAA profile we're using. Greg ""Andaluz Danny"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Mangement just approved us getting ACS for Windows. Anyone have any tips or > tricks they might want to share. We have over 100 routers in our network, > so it's going to be one hell of a project. > > TIA > Danny Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39320&t=39310 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
