Cisco ISE Radius Live log is empty

ccna_security
Level 3

Dear all. I have created a lab environment on EVE-NG and am trying to learn Cisco ISE. I configured the switch as below:

aaa new-model
!
!
aaa group server radius ISE
 server name ISE01
 ip radius source-interface Vlan1
!
aaa authentication dot1x default group ISE
aaa authorization network default group ISE
aaa accounting update newinfo periodic 2880
!
interface vlan 1
 ip address 10.10.10.100 255.255.255.0
!
radius server ISE01
 address ipv4 10.10.10.20 auth-port 1812 acct-port 1813
 key cisco
!

Then I tested using the command shown below. But unfortunately nothing is shown in the RADIUS Live Logs. I chose the default network device and enabled it with a RADIUS key. Could you please tell me what in the switch configuration causes the logs not to be shown in the RADIUS Live Logs?


Switch#test aaa group radius test-user test-password new-code
User rejected
 

1 Accepted Solution

In such a case, install the ISE 2.2 evaluation OVA (ISE-2.2.0.470-eval.ova), which has 8 GB RAM reserved. This OVA is for evaluating guest access and basic access policy flow. Install the latest patch 16 on it.

18 Replies

Aditya Ganjoo
Cisco Employee

Thanks Aditya. Just give me a minute to test it and I will get back to you. One more thing I want to ask: do you think the configuration is enough for logs to be displayed in the RADIUS Live Logs? Let me inform you that I have not configured the switch interface yet.

I tested as you said, but nothing is shown in the RADIUS Live Logs. Do you have another option?

And your ISE has an interface with ip address 10.10.10.20 configured? Just checking to be sure ...

You could take a TCP dump on the ISE to see if any RADIUS packets are arriving anyway; on the switch side you could do the same to see if your RADIUS packets are leaving the device.

You mean I must use a third-party packet analyser tool, or does Cisco ISE have its own packet capture tool? If it has its own, could you please show me the command?

Yesterday I downloaded version 2.6.0 and tried once more. I tested AAA and the logs appeared in the RADIUS Live Log. I think the old version of ISE has a bug, and that's why I faced the issue. The problem that I faced was on version 2.0.

Hi @ccna_security,

ISE has a nice tool in the GUI to take captures for any device (talking directly to ISE). This will give you unencrypted captures, so please be aware of any sensitive information such as passwords.

Hope that helps!
Please 'RATE' and 'MARK ACCEPTED', if applicable.

Thanks Anurag. I will test it as well

Hello all. I captured TCP packets and added a screenshot. As you see in the screenshot, the switch (10.10.10.100) sends an Access-Request to ISE (10.10.10.10), but the logs do not appear in the RADIUS Live Logs.
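
Added example (not part of any post in this thread): a short Python sketch for reading such a capture. It pairs each Access-Request with a reply by NAS address and RADIUS identifier, which separates "the server answered with Access-Reject" from "the server never answered". The packets are constructed sample data that reuse the addresses from the switch configuration above, with zeroed authenticators; extracting UDP payloads from a real capture file is assumed to happen elsewhere.

```python
import struct

def parse_radius(payload: bytes) -> dict:
    """Parse the 20-byte RADIUS header (RFC 2865) and the attribute TLVs after it."""
    if len(payload) < 20:
        raise ValueError("shorter than a RADIUS header")
    code, ident, length = struct.unpack("!BBH", payload[:4])
    if length < 20 or length > len(payload):
        raise ValueError("bad length field")
    attrs, pos = {}, 20
    while pos + 2 <= length:
        a_type, a_len = payload[pos], payload[pos + 1]
        if a_len < 2 or pos + a_len > length:
            raise ValueError("malformed attribute")
        attrs[a_type] = payload[pos + 2:pos + a_len]
        pos += a_len
    return {"code": code, "id": ident, "attrs": attrs}

def unanswered(packets, server_ip):
    """Return (nas_ip, identifier, user_name) for requests the server never answered."""
    pending = {}
    for src, dst, payload in packets:
        msg = parse_radius(payload)
        if msg["code"] == 1 and dst == server_ip:      # Access-Request to the server
            pending[(src, msg["id"])] = msg            # retransmits reuse the same id
        elif src == server_ip:                         # Accept (2), Reject (3), Challenge (11)
            pending.pop((dst, msg["id"]), None)
    return [(nas, ident, m["attrs"].get(1, b"").decode(errors="replace"))  # attr 1 = User-Name
            for (nas, ident), m in pending.items()]

def build(code, ident, attrs=()):
    """Constructed test packet: zeroed authenticator, attributes as (type, value)."""
    body = b"".join(bytes([t, len(v) + 2]) + v for t, v in attrs)
    return struct.pack("!BBH", code, ident, 20 + len(body)) + bytes(16) + body

SWITCH, ISE = "10.10.10.100", "10.10.10.20"   # addresses from the switch config above
SAMPLE = [                                     # constructed capture, not real traffic
    (SWITCH, ISE, build(1, 7, [(1, b"test-user")])),   # request 7
    (ISE, SWITCH, build(3, 7)),                        # Access-Reject for 7
    (SWITCH, ISE, build(1, 8, [(1, b"test-user")])),   # request 8, no reply
]

if __name__ == "__main__":
    for nas, ident, user in unanswered(SAMPLE, ISE):
        print(f"no reply to Access-Request id={ident} from {nas} (User-Name={user!r})")
```

A request that gets an Access-Reject reached the RADIUS service and was evaluated; one that gets no reply at all was not answered by the address it was sent to, so the destination address and the shared secret on both sides are the first things to compare.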

poongarg
Cisco Employee

Hi,

So you want to see this failed authentication attempt in RADIUS live logs, right?

What is the ISE software version and patch you are using? Are you not able to see live logs at all, or is it just this request that does not show up?

Does the authentication report show this attempt?

Also, is the ISE node standalone?

Regards,

Poonam Garg

Dear Poonam

I installed Cisco 2.0 version on my laptop using VMware. When I look at the RADIUS live logs, none of the events are shown there, as if it is not in sync with the switch. I downloaded ISE version 2.6, installed it on VMware, tested it for the first time and looked at the RADIUS live logs. Finally I saw an authentication failure log in the RADIUS live log. I turned ISE off and on again 2 days later, and this time the application server got stuck showing "initializing". I am fed up with ISE. Tons of articles are waiting for me to read, but I haven't got the ISE virtual machine installed yet((

Hi,

There are a couple of live logs related issues fixed in the latest releases. To understand why live logs are not showing up on 2.0, I need collector.log on the MNT and prrt-server.log on the PSN (in your case, I believe both personas are on one node).

Regarding ISE 2.6, it takes time for the application server process to come into running state from initializing after you power on the VM. If the process is still in initializing state, then please check if the VM is provisioned with the recommended resources for ISE 2.6.

https://www.cisco.com/c/en/us/td/docs/security/ise/2-6/install_guide/b_ise_InstallationGuide26/b_ise_InstallationGuide_26_chapter_01.html

Could you please instruct me how to collect the logs that you need to troubleshoot?

Software maintenance support for 2.0 and 2.0.x software releases ends on March 17th 2020. No patches or maintenance releases will be provided for ISE 2.0 and 2.0.x releases after that date.

I would suggest that, instead of troubleshooting on ISE 2.0, you focus on ISE 2.6, which is also marked as a star release by Cisco, with the latest patch 6 installed on it, as I believe you are working in your test environment.

- Let me know if you are still facing the live log issue on ISE 2.6P6.

As I said, I installed ISE version 2.6 and gave the virtual machine 4 GB RAM and 4 CPUs. This version does not have any RADIUS logs issue. But most of the time this version keeps initializing the application server, and it won't change to running state.