05-29-2021 11:33 AM
We experienced this bug after a power outage affected our upstream routers, disconnecting two PSNs for over an hour, and then multiple power interruptions to the PSNs. Upon restoration of power, the PSNs were back online and 'show application status ise' showed all processes working. External Authentication service to AD test worked normally. However, the PSNs would not authenticate any users via RADIUS and displayed:
15022 Could not find selected Access Service Resolution Internal Error, contact TAC Root cause
Many hours later and many attempts to edit and re-commit the Authorized Protocols settings, the outage persisted.
Re-sync of the affected PSNs was attempted
Eventually, a de-register and register of one of the two PSNs was attempted.
None of these fixed the problem.
Eventually, I created a new Authorized Protocol config, same settings different name, and applied it to the Policy Set and authentications immediately began working.
I believe this is related to CSCvw66483 where Radius Server Sequence gets corrupted upon changes and the only workaround is to re-create the Radius Server Sequence and then apply it to the policy.
10-20-2023 06:08 AM
@crysharris Thank you for help. This also solved my problem. I had those error logs after restarting ISE thorugh CLI.
"Eventually, I created a new Authorized Protocol config, same settings different name, and applied it to the Policy Set and authentications immediately began working."
02-15-2024 12:26 AM
Hello,
By Authorized Protocol config you mean Authorization profile or something else?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide