cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
 
ISE 2.3 Patch 7 has been posted. This will be the last patch for the ISE 2.3 release!
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

1599
Views
1
Helpful
2
Replies
Highlighted
Beginner

500 Internal Error

Hi Folks, looking for some feedback on an issue I've been dealing with as of late.

Issue:

Device X connects to SSID: xxyy. MAB authentication, Redirect to CWA, CWA responds with [500] Internal Error. Please contact system Administrator. If you are the System Administrator please consult the logs.

Device X connect to SSID: yyxx on same AP associated to same WLC. MAB authentication, Redirect to CWA, CWA login page pops, no error.

Troubleshooting:

PSN rebooted - Sometimes resolves the error. Does come back.

Device purge

Live authentications shows device stuck in RADIUS Accounting start request with no Auth Method. Forcing the device to Reauth via CoA from live authentication view triggers the device to Authenticate, Auth Method show mab and device is presented with CWA page.

Only log I found associated to the device

-::90:B6:::ProfilerCoA:- In DAO getRepository method for HostConfig Type: MNT

2016-05-26 11:58:45,823 ERROR  [portal-http-service741][] cisco.cpm.posture.runtime.PostureHandlerImpl

Thanks for the thoughts

Everyone's tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions
Beginner

Re: 500 Internal Error

Resolution to anyone having these symptoms.

If you have a WLC that has an anchor point, only enable Accounting on one WLC. Having Accounting enable on both WLC causes Accounting information to be sent twice to ISE. ISE will invalidate one of the sessions upon reception of the second and cause the client to produce 500 Internal Error.

2 REPLIES 2
Beginner

Re: 500 Internal Error

I've seen this several times with different customers, here is what I've experienced in these cases:

  • Session information is lost when trying to be redirected. I've seen this if you are trying to do something funky with custom html code on the webpage where your session data is not being passed between custom pages. Less likely in ISE 2.0 because it has more constraints on full-blown customization which equates to less screw-ups
  • THe PSN is built out-of-supported-spec . You might see VM resource issues (if its a VM) and/or the drive that the VM resides on is bad or underperforming (being hammered with other read/writes).
Beginner

Re: 500 Internal Error

Resolution to anyone having these symptoms.

If you have a WLC that has an anchor point, only enable Accounting on one WLC. Having Accounting enable on both WLC causes Accounting information to be sent twice to ISE. ISE will invalidate one of the sessions upon reception of the second and cause the client to produce 500 Internal Error.