Buy or Renew
Buy or Renew
Cisco DNA Center is now Catalyst Center. New name, same great product. Learn more about Catalyst Center here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1220
Views
10
Helpful
1
Replies

DNAC 2.2.3.4 & ISE 3.0p5 Integration Issue

Go to solution
Mike.Cifelli
VIP Alumni
VIP Alumni

‎02-07-2022 08:07 AM - edited ‎02-07-2022 08:08 AM

Anyone aware of any bugs relating to DNAC 2.2.3.4 & ISE 3.0p5 integration?  Issue has appeared post ISE bundle upgrade end of last week.  Integration snippet from DNAC:

dnac_ise_integration_502_error_LI (2).jpg

 DNAC System360 snippet status:

dnac_ise_sys_360_LI.jpg

 

Debug Logs from DNAC for ISE integration:

------------------------

$ magctl service logs -rf network-design | lql

| 0 | 2022-02-07 14:58:59,804 | ERROR | SimpleAsyncTaskExecutor-5 | | c.c.a.c.s.h.CreateAaaMessageHandler | Establish trust with ISE failed with exception || 1 | com.cisco.apicem.commonsettings.service.exception.DnaIseIntegrationException: Error response received from ISE (HTTP status code: 502).

------------------------------------------------

$ magctl service logs -r pxgrid | grep ERROR

INFO | coIseServiceImpl-Worker-2 | | c.c.e.i.n.PxgridHealthNotifier | MaglevEvent : ID: SYSTEM_EXTERNAL_ISE_PXGRID, Name: ISE PxGrid Connection Status, Namespace: SystemRawEvent, Domain: Integrations, Subdomain: PxGrid, Type: SYSTEM, Category: ERROR, Context: ISE PxGrid, Description: ISE PxGrid Connection Status : DISCONNECTED : , InstanceId: f4f68539-20f2-4fa8-bfe3-6999f9d32a71, Source: ISE PxGrid, TenantId: SYS0, Version: 1.0.0, Severity: 1, TimeStamp: 1644122708492, Payload: {"event_payload":{"pxGridConnectionStatus":"DISCONNECTED","failureReason":"","iseIp":"XX.XX.XX.XX","hostname":"abcdefXX.XX.XX","eventType":"FAILURE"},"system_event":{"event":"Failure","tags":"PxGrid","event_instance_id":{"hostname":"abcdefXX.XX.XX","ip":"XX.XX.XX.XX"}}} |INFO | coIseServiceImpl-Worker-2 | | c.c.e.i.n.PxgridHealthNotifier | MaglevEvent : ID: SYSTEM_EXTERNAL_ISE_PXGRID, Name: ISE PxGrid Connection Status, Namespace: SystemRawEvent, Domain: Integrations, Subdomain: PxGrid, Type: SYSTEM, Category: ERROR, Context: ISE PxGrid, Description: ISE PxGrid Connection Status : DISCONNECTED : Connection failed., InstanceId: 9dcbd5cc-e184-456b-8584-f0a762b08fc1, Source: ISE PxGrid, TenantId: SYS0, Version: 1.0.0, Severity: 1, TimeStamp: 1644122708497, Payload: {"event_payload":{"pxGridConnectionStatus":"DISCONNECTED","failureReason":"Connection failed.","iseIp":"XX.XX.XX.XX","hostname":"abcdefXX.XX.XX","eventType":"FAILURE"},"system_event":{"event":"Failure","tags":"PxGrid","event_instance_id":{"hostname":"abcdefXX.XX.XX","ip":"XX.XX.XX.XX"}

I have tried removing the pxgrid client in ISE & restarting network-design via: $magctl service restart -d network-design, but the issue is still present.  Currently have a case open with TAC, but figured I would share here to see if anyone has any insight. TIA!

Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
Mike.Cifelli
VIP Alumni
VIP Alumni

‎02-07-2022 09:39 AM

FYSA This ended up getting resolved after reloading the ISE nodes that are running the pxgrid service.  Quick fix was remove stale dnac clients in ISE, app stop ise/app start ise on respective nodes, & re-test integration with ISE from DNAC AAA server settings.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Mike.Cifelli
VIP Alumni
VIP Alumni

‎02-07-2022 09:39 AM

FYSA This ended up getting resolved after reloading the ISE nodes that are running the pxgrid service.  Quick fix was remove stale dnac clients in ISE, app stop ise/app start ise on respective nodes, & re-test integration with ISE from DNAC AAA server settings.

0 Helpful
Customers Also Viewed These Support Documents