https://community.cisco.com/t5/network-access-control/ise-logging-target/m-p/4715631#M578054 <P>How does ISE function if "<SPAN>Traffic between zones is prohibited."?&nbsp;&nbsp;</SPAN></P> <P><SPAN>The logs are sent to all configured logging targets directly from each PSN.&nbsp; I am not aware of a way to exclude certain log collectors on a per PSN basis.</SPAN></P> Thu, 03 Nov 2022 13:36:56 GMT ahollifield 2022-11-03T13:36:56Z https://community.cisco.com/t5/network-access-control/ise-logging-target/m-p/4715456#M578049 <P>Hello,</P> <P>We have a cluster deployment of 6 ISEs.</P> <P>We have 4 zones in separate DCs with 1 PSN per zone and one Syslog collector per zone.&nbsp;Traffic between zones is prohibited.</P> <P>Z1P &gt; 1 PSN / 1 Syslog</P> <P>Z2P&gt; 1 PSN / 1 PAN Primaire Mnt Secondaire / 1 Syslog</P> <P>Z1N &gt; 1 PSN / 1 PAN Secondaire Mnt Primaire / 1 Syslog</P> <P>Z1P &gt; 1 PSN / 1 Syslog</P> <P>We're looking for a solution so that the ISE logs reach their zone's Syslog collector without sending the flows four times.</P> <P>Is there a solution to this problem in an ISE version of 2.4 or 2.7?</P> <P>BR</P> <P>&nbsp;</P> Thu, 03 Nov 2022 09:58:38 GMT https://community.cisco.com/t5/network-access-control/ise-logging-target/m-p/4715456#M578049 jds5 2022-11-03T09:58:38Z https://community.cisco.com/t5/network-access-control/ise-logging-target/m-p/4715631#M578054 <P>How does ISE function if "<SPAN>Traffic between zones is prohibited."?&nbsp;&nbsp;</SPAN></P> <P><SPAN>The logs are sent to all configured logging targets directly from each PSN.&nbsp; I am not aware of a way to exclude certain log collectors on a per PSN basis.</SPAN></P> Thu, 03 Nov 2022 13:36:56 GMT https://community.cisco.com/t5/network-access-control/ise-logging-target/m-p/4715631#M578054 ahollifield 2022-11-03T13:36:56Z