Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1415
Views
0
Helpful
4
Replies

2 ISE Deployments on same network, different versions

Go to solution
craiglebutt
Level 4
Level 4

‎11-25-2022 12:50 AM

Hi

Last year upgraded our deployment from 6 PSN on 2.2 to 4 PSN on 2.7, this was due to 2 PSN being hardware and couldn't upgrade.

1 of the 2 PSN on 2.2 I turned in PAN, so could be used as a LAB.  Enable them yesterday to test a feature but noticed that the PSNs on 2.7 were sending data to the PAN on 2.2.

When I upgraded the Deployment in the first time, I built new nodes, and restored the data, but I did give those nodes the same IP and DNS.

The 2 old nodes are not part of this deployment, and the new nodes are not part of the old deployment.

These deployments should not even know about each other.

How is this?

 

Cheers

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
thomas
Cisco Employee
Cisco Employee

‎12-13-2022 04:33 PM

If you restored the configuration which contained the old nodes in a deployment, it still thinks they are in the deployment.  Remove them from the PAN and all should be good.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎11-25-2022 04:29 AM

if they are different deployment, i do not see the reason why they are sending data to Pan.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
thomas
Cisco Employee
Cisco Employee

‎12-13-2022 04:33 PM

If you restored the configuration which contained the old nodes in a deployment, it still thinks they are in the deployment.  Remove them from the PAN and all should be good.

0 Helpful

Go to solution
craiglebutt
Level 4
Level 4
In response to thomas

‎01-27-2023 02:14 AM

hi, I did restore, but the old PSN don't appear in the new PAN.

Plus the 2 old PSN, 1 I changed to a PAN and that is what is seeing the traffic.  In the old config, that PSN was never a PAN

 

cheers

0 Helpful

Go to solution
Marcelo Morais
VIP
VIP
In response to craiglebutt

‎01-27-2023 10:01 PM

Hi @craiglebutt ,

 when you said " ... but the Old PSN don't appear in the New PAN ... ", please use the following command to check who is the PAN:

 

ise/admin# show tech-support
...
*****************************************
Displaying ISE deployment ... 
*****************************************
Node Config Details

NAME PERSONA ROLE ACTIVE REPLICATION
------------------- --------------- ---------- ---------- ---------------
<MnT Hostname>      MNT             SECONDARY  ACTIVE     SYNC COMPLETED
<PSN Hostname>      PSN             SECONDARY  NONE       SYNC COMPLETED
<PAN Hostname>      PAN             PRIMARY    NONE       Not Applicable
...

 

Hope this helps !!!

0 Helpful
Customers Also Viewed These Support Documents