06-25-2024 04:59 AM
in the ISE distribution deployment
we install the PAN persona in the Main site and PSN persona in the remote site
the MS AD Main domain installed in the main site and we installed a tree branch of the AD on the remote site
1- I need to integrate the remote site PSN with the remote site tree branch AD
2- what will happened if the connection between the Main site and branch site become down ?
I read that there will not be service failure but we can not make any change in the PSN policy
because all changes is made through the PAN
but how the user authentication will happened as there is no communication between the PSN persona and the AD ?
Solved! Go to Solution.
06-25-2024 01:22 PM
the PSN will continue to operate but maybe out of sync with PAN and logging etc may be queued/delayed depending on where the MNT is . But new policy change on PAN will not be synced to the PAN until there is connectivity.. As long as you have AD DC in the branch that can respond to authentication requests, it will work with old policy sets etc
06-25-2024 01:22 PM
the PSN will continue to operate but maybe out of sync with PAN and logging etc may be queued/delayed depending on where the MNT is . But new policy change on PAN will not be synced to the PAN until there is connectivity.. As long as you have AD DC in the branch that can respond to authentication requests, it will work with old policy sets etc
06-28-2024 12:53 PM
thanks a lot
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide