Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
784
Views
0
Helpful
4
Replies

Cisco ISE and receiving alarm between different ISE clusters

r.westman
Level 1
Level 1

‎12-01-2019 01:46 AM

We have two separate ISE clusters on the same subnet. When a certificate expire on one cluster we get a notification in the Alarm widget on both cluster. How does they know about each other? Are certificate expired alarms distributed by multicast? 

 

Thanks

0 Helpful
4 Replies 4

Damien Miller
VIP Alumni
VIP Alumni

‎12-01-2019 04:11 PM

Two independent deployments, or two nodes joined in a deployment?

If there are two independent deployments, look in the logging menu at the remote logging targets. See if one deployment is pointed at the other as a remote logging target. I've never tried it myself, but the log collector might process correctly formatted ISE syslogs if they are sent. If so, possible denial of service avenue.
0 Helpful

r.westman
Level 1
Level 1
In response to Damien Miller

‎12-01-2019 11:26 PM

It is two independent deployments and there is no Remote Logging Targets pointing to ip addresses in the other deployment.

0 Helpful

craiglebutt
Level 4
Level 4

‎12-02-2019 12:22 AM

I have a similar issue not with certificates, but with some endpoints, my test lab is picking up devices, but the VLAN helper isn't pointing to LAB.
0 Helpful

hslai
Cisco Employee
Cisco Employee

‎12-07-2019 12:59 PM

Since this not an easy matter, please engage Cisco TAC.

0 Helpful
Customers Also Viewed These Support Documents