cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
736
Views
2
Helpful
4
Replies

2 Node Virtual ISE Deployment

thenetadmin
Level 1
Level 1

Hello,

We are deploying a 2 node Cisco ISE  in a virtual environment for single site/location and integrate it with DNA Center as well.

Node 1: PAN, MNT, PSN & PxGrid

Node 2: PAN, MNT, PSN & PxGrid

 

Any best practices to be followed for distributing personas across the two nodes?

 

Thank you in advance for your insights!

1 Accepted Solution

Accepted Solutions

No problem @thenetadmin! Let's say your nodes are named A and B. Your deployment should look like this:

  • Administration: Should be enabled on both, but A should be primary
  • Montoring: Should be enabled on both, but B should be primary
  • Policy: Should be enabled on both
  • PxGrid: Should be enabled on both

Happy to help! Please mark as helpful/solution if applicable.
Get in touch: https://torbjorn.dev

View solution in original post

4 Replies 4

Torbjørn
VIP
VIP

Hello @thenetadmin,

You should see the following documentation regarding this: https://www.cisco.com/c/en/us/td/docs/security/ise/3-0/install_guide/b_ise_InstallationGuide30/b_ise_InstallationGuide30_chapter_1.html#node-types-and-personas-in-distributed-deployments  

You should keep your primary PAN node and primary MNT node separate to distribute load more evenly. The PSN persona is "primary less" and should be enabled on both nodes. The PxGrid service should be enabled on both nodes, but be aware that it relies on having a functioning primary PAN node.

Happy to help! Please mark as helpful/solution if applicable.
Get in touch: https://torbjorn.dev

thenetadmin
Level 1
Level 1

@Torbjørn Sorry for the late reply.

With 2 node deployment, how each personas should be distributed as best practice?

No problem @thenetadmin! Let's say your nodes are named A and B. Your deployment should look like this:

  • Administration: Should be enabled on both, but A should be primary
  • Montoring: Should be enabled on both, but B should be primary
  • Policy: Should be enabled on both
  • PxGrid: Should be enabled on both

Happy to help! Please mark as helpful/solution if applicable.
Get in touch: https://torbjorn.dev

thenetadmin
Level 1
Level 1

Thank you so much. @Torbjørn Appreciated