This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
Configured the following on ISE 2.3:
1 ISE interface for CPP and Admin
CCP portal runs on TCP port 8443 with its own certificate signed by CA1
Admin portal runs on port 443 with its own certificate signed by CA2
When a CCP redirection occurs, the client first get redirected on port 443 (with the wrong certificate) and to port 8443 with the right certificate.
I would have expected that the client would directly go to the 8443 port.
Anybody seen this ?
Solved! Go to Solution.
I have the same in ISE 2.2 - I raised a TAC case for it. They told me it was due to CSCut16630 (ancient bug).
Luckily I have an F5 load balancer that is masking this issue.
The ISE installation guide 2.3 states that ISE presents Admin cert for Posture and CPP, then Portal cert for 8443. So I doubt if it’s really a bug. All the installation guides from 1.2 to 2.3 state this.