I had to patch my ACS 5.2 server couple of times & thought of describing the process here. First of all you need to download the correct patch from Cisco web site. You can find that via Products->Security->Access Control and Policy->Policy and Access Management->Cisco Secure Access Control System or via this direct link. You should have valid CCO account & ACS product purchased from Cisco with valid contract.
In my case I have downloaded latest patch “5-2-0-26-11.tar.gpg” for my ACS 5.2 server. You need to create a software repository on your ACS before copying this file onto it. You can do this via “System Administration > Operations > Software Repositories” . Here is the screenshot of my software repository created for this.
You can choose multiple protocols, but I selected FTP after doing quick search on web. Lots of users reporting TFTP did not work properly, etc. Here is the complete list of values you can choose from.
I used free FTP server (called FileZilla) installed on my laptop, while creating username password for ACS to talk to it. Then you can install the patch into ACS server by issuing “acs patch install <filename> repository <repository-name> ” CLI command. Here is the screenshot of my file transfer.
You can verify the progress on ACS CLI as well. You should see something similar to this.
Once patch installed you can verify the application status by “show application status acs” & “show version” CLI commands. Below screenshot confirmed application is running correctly.
If you are using GUI you can confirm the same by clicking “About” button on the ACS admin page
What was your main reason for patching your ACS? I am getting my lab setup and I am running V 126.96.36.199.
There was some bugs with the initial version, I could not remember what it was…
hi, you have a very nice blog. i can get more info from ur blog than cisco’s website lol. by the way, im planning to upgrade a PI to 2.1 to support wlc in version 8. will their be any conflict between PI in 2.1 and acs in 5.5? tia
as of the moment i couldnt find any cisco related write ups regarding the info i need
ACS fails TFTP since it switches to SCP/SFTP in the download. At least in the 5.0 -> 5.1 -> 5.2. I did an upgrade a few years back which failed on the good old tftpd32 and had to run with Solarwinds Free TFTP and SCP/SFTP server to get it working properly from command line.
Tarun Vyas said:
This is very simple method to understand and config the patch.
Thanks for the nice article .
Do you have 5.2.11 ACS patch file. Cisco not longer have it .