05-16-2022 09:58 PM
We have two ISE primary and Secondary. Want to create a HA between them. if primary ISE goes down does secondary ISE run all services that were running on Primary ISE?
Solved! Go to Solution.
05-16-2022 11:10 PM
Hi @bilal.atif
Yes this is a classic 2-node deployment where each ISE Node will run Admin, Monitoring and Services.
The ISE HA ensures that the primary admin node (the one you log into the GUI) synchronises its config database with the other node. If Primary ISE node fails, then Secondary is a hot-standby. You have to manually promote the Standby node to log into the GUI to configure/view things - but the RADIUS/TACACS+/Web services will already be running same as the other node.
The NAD's (Switch/WLC/VPN) needs to have both ISE nodes configured as AAA servers and they will decide which server to use (based on things like health probes, dead timers etc.)
05-16-2022 11:10 PM
Hi @bilal.atif
Yes this is a classic 2-node deployment where each ISE Node will run Admin, Monitoring and Services.
The ISE HA ensures that the primary admin node (the one you log into the GUI) synchronises its config database with the other node. If Primary ISE node fails, then Secondary is a hot-standby. You have to manually promote the Standby node to log into the GUI to configure/view things - but the RADIUS/TACACS+/Web services will already be running same as the other node.
The NAD's (Switch/WLC/VPN) needs to have both ISE nodes configured as AAA servers and they will decide which server to use (based on things like health probes, dead timers etc.)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide