cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
 
Register for the monthly ISE Webinars to learn about ISE configuration and deployment.
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

78
Views
0
Helpful
4
Replies
Beginner

Cisco ISE patch

Hello,

I am running ISE 2.4, on prim Admin I have installed patch 6, 9 but on sec Admin installed only Patch 9. because my secondary Admin was build months later so I did not install patch 6 on the same.

Is there any problem??

1 ACCEPTED SOLUTION

Accepted Solutions
VIP Advocate

Re: Cisco ISE patch

When registering nodes, ISE checks that the major version and last patch are the same. There will be no issue with 2.4 if one node has other patches so long as both have patch 9 installed.

You only have to install the latest patch installed on the rest of the deployment.
4 REPLIES 4
Beginner

Re: Cisco ISE patch

Hi mate,

 

Patch 9 or any recent patches will usually include all the fixes on the previous patches. 

So technically patch 9 already covers 1-8.

 

Cheers,

 

Raffy

Beginner

Re: Cisco ISE patch

Thanks for your response, but what if incase i need to de-register and
register back again with secondary, will it be going to work.
as we have different patches running on Prim & Sec Nodes
Beginner

Re: Cisco ISE patch

Hi mate,

 

I haven't done like that so far where I have to derigester the node with different number of patches.

The document on Cisco shows vague info as well, unless it just really says same version and it doesn't care about the patch.

 

"• Ensure that the Primary PAN and the standalone node that you are about to register as a secondary node
are running the same version of Cisco ISE." - (https://www.cisco.com/c/en/us/td/docs/security/ise/2-2/admin_guide/b_ise_admin_guide_22/b_ise_admin_guide_22_chapter_010.pdf)

 

I still think that it would work as again, you have the same version 2.x  and same recent patch.

 

 

Cheers,

 

Raffy

VIP Advocate

Re: Cisco ISE patch

When registering nodes, ISE checks that the major version and last patch are the same. There will be no issue with 2.4 if one node has other patches so long as both have patch 9 installed.

You only have to install the latest patch installed on the rest of the deployment.