Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1554
Views
0
Helpful
7
Replies

Cisco ISE Migration from 2.4 to 3.1

Go to solution
networker9
Level 1
Level 1

‎03-07-2023 12:58 AM


We currently have ISE- 5 node cluster with 2 node for PAN and 3 nodes for PSN and currently running 2.4 version.

We need to upgrade to 3.1 which is currently the suggested stable release.

All integrations like AD, SMS gateway etc are active on the current setup.

Will be deploying on a new set of VM's and would like to use same IP's being currently used. 

Need suggestion to the best possible approach to achieve this.

 

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎03-07-2023 01:34 AM

@networker9 Cisco has an offical guide and a webinar on this subject, this covers the different methods available when upgrading and hopefully answers all your questions.

https://www.cisco.com/c/en/us/td/docs/security/ise/3-1/upgrade_guide/HTML/b_upgrade_method_3_1.html

https://www.youtube.com/watch?v=q2JpC8oNssA

 

View solution in original post

0 Helpful

Go to solution
Charlie Moreton
Cisco Employee
Cisco Employee

‎03-07-2023 04:30 AM

I detail the procedure to accomplish this in the following video:

Upgrading ISE Using the Backup and Restore Method 

Take note that moving from 2.4 to 3.1 will require a 2-step upgrade.  See here for details:

ISE Version Upgrade Matrix

View solution in original post

0 Helpful
7 Replies 7

Go to solution
Rob Ingram
VIP
VIP

‎03-07-2023 01:34 AM

@networker9 Cisco has an offical guide and a webinar on this subject, this covers the different methods available when upgrading and hopefully answers all your questions.

https://www.cisco.com/c/en/us/td/docs/security/ise/3-1/upgrade_guide/HTML/b_upgrade_method_3_1.html

https://www.youtube.com/watch?v=q2JpC8oNssA

 

0 Helpful

Go to solution
Charlie Moreton
Cisco Employee
Cisco Employee

‎03-07-2023 04:30 AM

I detail the procedure to accomplish this in the following video:

Upgrading ISE Using the Backup and Restore Method 

Take note that moving from 2.4 to 3.1 will require a 2-step upgrade.  See here for details:

ISE Version Upgrade Matrix

0 Helpful

Go to solution
networker9
Level 1
Level 1
In response to Charlie Moreton

‎03-07-2023 06:31 AM

Hi Charlie,

Thanks for sharing the procedure.

Does this process need to run the URT tool as well.

As we are directly installing a fresh machine from scratch, not required of any URT tool to run i guess.

0 Helpful

Go to solution
Charlie Moreton
Cisco Employee
Cisco Employee
In response to networker9

‎03-07-2023 06:39 AM

Yes, the URT is recommended to ensure the backup file to be restored has no issues preventing a successful restoration to the new deployment.

0 Helpful

Go to solution
networker9
Level 1
Level 1
In response to Charlie Moreton

‎03-07-2023 06:55 AM

So, as per the suggested Backup & Restore Procedure, the steps would be first run the URT tool.

Next collect a fresh backup, de-register the secondary administration node, re-install with 2.6 or 2.7, restore the backup. (This will act as primary but won't function as there are no PSN.)

Next, we will repeat the task on PSN-1 and then can we join the upgraded PAN node. Will there be any interruptions in the service at this point.?

 

0 Helpful

Go to solution
ahollifield
VIP
VIP
In response to networker9

‎03-08-2023 05:47 AM

Are these VMs?  I would just re-deploy the PSNs from scratch using the OVA.  Impossible to say if you will encounter a service disruption.  How are your NADs configured?  Do they all point to multiple PSNs?  Obviously taking the PSN down for re-deployment will cause it to stop responding to RADIUS/TACACS+ requests.

0 Helpful

Go to solution
networker9
Level 1
Level 1

‎02-23-2024 04:55 AM

Hi Charlie,

The upgrade was successful by using backup and restore method.

Thanks for the advise.

0 Helpful
Customers Also Viewed These Support Documents