Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
304
Views
0
Helpful
3
Replies

Cisco ISE - Migration From Middle to Large Architecture

Go to solution
doverture
Level 1
Level 1

‎10-06-2025 03:03 AM

Good Morning, a customer is going to add other PSNs to the current distributed Cisco ISE environment. By now they have a Middle size architecture with a couple of PAN and MNT and five PSNs. In order to add new PSNs (by now four or five) I suppose that a Large architecture has to be deployed (2 PAN + 2 MNT + Max 50 PSN). Did you have had similar experiences? Can you suggest a right procedure to minimize out of services in the production distributed environment?

Any suggestion is appreciated!

DN

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
PSM
Level 1
Level 1
In response to doverture

‎10-06-2025 10:48 PM

@doverture This can be sequence. 1. Disable secondary MNT persona from primary PAN node 2. Register one new node in deployment and make it secondary MNT. 3. Disable secondary PAN from the primary MNT node. 4. Register one more new node in deployment and make it secondary PAN. 5. Thereafter you can add additional PSNs as needed.     

View solution in original post

0 Helpful
3 Replies 3

Go to solution
PSM
Level 1
Level 1

‎10-06-2025 05:58 AM

@doverture  To convert from Medium deployment to Large deployment you need dedicated nodes for PAN and MNT personas. So this means you will be using 4 nodes in total only for PAN and MNT purpose instead of existing 2 nodes. You can increase PSNs without disturbing existing PSNs as they are dedicated already. For advise on migration procedure need detail about the current setup. You can share the the existing personas of different nodes here or feel free to contact directly via DM.

0 Helpful

Go to solution
doverture
Level 1
Level 1

‎10-06-2025 06:21 AM

Hello @PSM the current setup is easy: there are 2 PAN that are also MNT (primary PAN is secondary MNT and viceversa) and then there are already 5 dedicated PSN. 

DN

0 Helpful

Go to solution
PSM
Level 1
Level 1
In response to doverture

‎10-06-2025 10:48 PM

@doverture This can be sequence. 1. Disable secondary MNT persona from primary PAN node 2. Register one new node in deployment and make it secondary MNT. 3. Disable secondary PAN from the primary MNT node. 4. Register one more new node in deployment and make it secondary PAN. 5. Thereafter you can add additional PSNs as needed.     

0 Helpful
Customers Also Viewed These Support Documents