Hi,
I'm upgrading from 7.1 SP4 to 8.1 and then 8.2.
VPN clients use RADIUS from an ASA 5515 which uses a Cisco ACS to authenticate to AM using the SDI protocol. I am reusing the same IP address on the new AM8 server.
I understand that the Agent will be migrated and I shouldn't have to update the sdconf file since the IP isn't changing.
Will I have to delete the Node Secret from the ACS, and if so, will a new SDI file be created on first authentication?
Thank you
No, because the migrated database will still have it for that Cisco ACS. The node secret is a symmetric key, so it have to be the same on both sides, and in this case it will be.
If you accidently delete the node secret on one side, you will have to clear it on the other side (server or agent) and then re-create it by successfully authenticating.