This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
Dear all. i have created lab envirement on eve-ng and trying to learn cisco ise. i configured switch as below
aaa group server radius ISE
server name ISE01
ip radius source-interface Vlan1
aaa authentication dot1x default group ISE
aaa authorization network default group ISE
aaa accounting update newinfo periodic 2880
interface vlan 1
ip address 10.10.10.100 255.255.255.0
radius server ISE01
address ipv4 10.10.10.20 auth-port 1812 acct-port 1813
Then tested using command shown below. But unfortunatelly nothing shown on Radius Live logs. i choose network device as default and enabled it with Radius key. Could you please instruct me to configure switch that cause logs not to be shown on radius live logs?
Switch#test aaa group radius test-user test-password new-code
Solved! Go to Solution.
Thanks Aditya .just give me a minute to test it and turn you back. one more think i want to ask. do you think the configuration is enough that logs to be displayed on Radius live logs? let me inform you that i have not configured switch interface yet
You mean i must use thirparty packet analyser tool or cisco ise has its own packet capture tool? If it has own, could you please show me the command
Yesterday i downloaded version 2.6.0 and tried once more. Tested aaa then logs appeared on Radius live log. I think the old version of ise has bug thats why i faced the issue. The problem tha i faced was on version 2.0
Hi @ccna_security ,
ISE has a nice tool on the GUI to take captures for any device (talking directly to ISE). This will give you unencrypted captures so, please be aware of any sensitive information such as passwords.
So you want to see this failed authentication attempt in RADIUS live logs right.
What is the ISE software version and patch you are using. If you are not able to see live logs completely or just this request is not shown up.
If the authentication report shows this attempt.
Also if the ISE Node is standalone.
I installed cisco 2.0 version on my laptop using vmware. When i look radius live logs non of the event shown there. As if it is not sync with switch. I downloaded ise 2.6 version and installed it on vmware and tested it for the first time and looked at radius live logs. Finally i saw authentication failure log on radius live log. I turned the ise off and on after 2 days later, this time application server get stuck by writing initializing. I am fed up with ise. Tons of article waits me to read but i haven't installed ise virual machine yet((
There are couple of live logs related issues fixed in latest releases. To understand the issue why live logs not showing up on 2.0, I need collector.log on the MNT and prrt-server.log on the PSN (in your case, I believe both persona are on one node).
Regarding ISE 2.6, it takes time for the application server process to come into running state from initializing after you power on the VM. If the process is still in initializing state then please check if the VM is provisioned with the recommended resources for ISE 2.6.
Software maintenance support for 2.0 and 2.0.x software releases end on March 17th 2020. No patches or maintenance releases will be provided for ISE 2.0 and 2.0.X releases after that date.
I would suggest you, instead of troubleshooting on ISE 2.0 version, focus on ISE 2.6 which is also marked as star release by Cisco with latest patch 6 installed on it as I believe you are working in your test environment.
-Let me know if you are still facing live log issue on ISE 2.6P6.
As i said i installed ise 2.6 version and gave virtual machine 4 gb ram, 4 cpu. This version has no any radius logs issue. But this version most time keep initializing application server wont change to running state.