Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
21184
Views
20
Helpful
17
Replies

DNA and ISE integration problem

Diana Karolina Rojas
Cisco Employee
Cisco Employee

‎09-28-2018 11:02 AM - edited ‎03-08-2019 05:27 PM

Hello community,

 

We are having troubles doing the DNA and ISE integration, when we add the ISE in the DNA center all looks good and the device show the "ACTIVE" state, but I never see the client in pxGrid services, so ISE nevers see the DNA center as a client. In the Trusted Certificate from ISE I can see the DNA Center certificates, you have to know that DNA Center and ISE are in different domains, does that means?

 

All help will be appreciated.

 

Best Regards,

6 people had this problem
17 Replies 17

Gaur Samal
Cisco Employee
Cisco Employee
In response to tom.barat@dimensiondata.com

‎10-29-2018 12:22 PM

Hi Tom,

This definitely need live troubleshooting, please open up a TAC case or ask your Cisco partner/SE to open up for you.
TAC should be able to help you with this issue.

Thanks,
Gaur
0 Helpful

John David
Level 1
Level 1
In response to tom.barat@dimensiondata.com

‎03-10-2019 11:53 PM

yes same here, i was also looking for such kind of issues.

0 Helpful

tom.barat@dimensiondata.com
Level 1
Level 1

‎11-02-2018 09:11 AM

Hello,

 

As i previously said i was not able to open a TAC case for this issue because our ISE appliance is not under support contract, and the DNA center i am using belongs to a client, therefore i do not own the associated support contract and cannot use it for my own purposes.

 

Nevertheless i kept working on this issue. I reinstalled an ISE virtual appliance from scratch and was able to make the connection between DNA and the new ISE without any issues.

 

We currently have 2 theories regarding the initial issue's source :

- first, reinstalling a new ISE appliance allowed me to notice that our first ISE's NTP settings were all messed up (it currently believes we are July 4th). This could very well be the problem's source. In any case, poor NTP settings probably made things worse and potentially made the issue more difficult to troubleshoot.

- second, our first ISE has been used for a long time for all our test/lab/poc purposes. This means a lot of configuration was done by many different people and there might be "poor" configuration in use in the appliance. Specifically, the appliance was downgraded and upgraded many times in many different versions and patch level.

 

Thank you again for the help you provided.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card