Buy or Renew
Buy or Renew
Join the Catalyst Center Onboarding Ask Me Anything event happening now!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
519
Views
0
Helpful
4
Replies

SDA - DNAC is not pushing NAD's on ISE

aleopoldie
Level 3
Level 3

‎07-08-2024 03:34 AM

Hello there,

I am in the beginning of a new SDA deployment and I face an issue. 

DNAC is not pushing NAD's to the ISE during the border nodes onboarding. We checked the FW ports and the required flows seem opened. The integration between DNAC and ISE is good, otherwise we would see an error.

I don't see that much on official documentation for this specific topic, just the communication ports section from the DNAC's best practices guide : https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/hardening_guide/b_cisco_catalyst_center_security_best_practices_guide.html

Is there a way on the DNAC to see what is causing this issue ?

Thank you,

A.

Labels:
0 Helpful
4 Replies 4

Torbjørn
VIP
VIP

‎07-08-2024 03:57 AM

You could see if the "ise-bridge" service logs can give you any hints. You can view them under "System" > "System 360", Select view services next to your host(s), search for "ise-bridge" and click "Logs".

Happy to help! Please mark as helpful/solution if applicable.
Get in touch: https://torbjorn.dev
0 Helpful

marce1000
Hall of Fame
Hall of Fame

‎07-08-2024 04:10 AM

 

         - Are the versions of ISE and DNAC compatible (couldn't find those info's directly myself) ?
         - Check DNAC logs when trying
         - On ISE you could for instance examine : 
                            show logging system ade/ADE.log
                            show logging application ise-psc.log

   M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

aleopoldie
Level 3
Level 3
In response to marce1000

‎07-09-2024 02:24 AM

Nothing weird on the ADE.log or ise-psc.log.

We found some ERS errors (see in attachment).

Perhaps it could be related to this bug https://bst.cisco.com/bugsearch/bug/CSCwh41075?rfs=qvred 

Preview file
54 KB
Preview file
140 KB
0 Helpful

marce1000
Hall of Fame
Hall of Fame
In response to aleopoldie

‎07-09-2024 02:51 AM

 

       - As the bug reports mentions no Fixes Releases , then you need to invoke TAC , 

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card