08-02-2018 10:30 AM
This situation usually takes place when your passing authentication from RSA to ISE has been lost via ISE communication. ISE 2.3 or lower versions seem to cache the RSA keys in the SQL database when ISE persona nodes lose communication within their acting environment. The cause of ISE restarting, or losing an ISE node in the External Identity environment may vary. Basically it loses communication to the Radius listening ports.
The fix listed above is a work-around. Once the Sql databases are cleared within the ISE nodes. The RSA configuratioin will have to be recreated. This means generating a new config file, uploading it into the ISE environment, and re-establisng the policy sets. And finally, the timing is crucial on restarting the ISE services within the ISE environment. These are some of the considerations to take in place. And finally remember to call TAC to facilitate the root access into ISE for the SQL changes.
Thanks
02-22-2019 08:11 AM
Not sure if this helps anyone, but with 2.4 we ran into this issue as well. For us, a bounce of an AD server fixed the issue.
Hope it helps.
01-17-2020 12:41 PM
And the bug is still present in 2.4 patch 10...Also i don't see it referenced in the Release Notes for patch 11
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide