Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1408
Views
6
Helpful
1
Replies

Cisco ISE

Go to solution
bilal.atif
Level 1
Level 1

‎05-16-2022 09:58 PM

We have two ISE primary and Secondary. Want to create a HA between them. if primary ISE goes down does secondary ISE run all services that were running on Primary ISE?

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Arne Bier
VIP
VIP

‎05-16-2022 11:10 PM

Hi @bilal.atif 

 

Yes this is a classic 2-node deployment where each ISE Node will run Admin, Monitoring and Services.

The ISE HA ensures that the primary admin node (the one you log into the GUI) synchronises its config database with the other node. If Primary ISE node fails, then Secondary is a hot-standby. You have to manually promote the Standby node to log into the GUI to configure/view things - but the RADIUS/TACACS+/Web services will already be running same as the other node.

The NAD's (Switch/WLC/VPN) needs to have both ISE nodes configured as AAA servers and they will decide which server to use (based on things like health probes, dead timers etc.)

 

 

View solution in original post

1 Reply 1

Go to solution
Arne Bier
VIP
VIP

‎05-16-2022 11:10 PM

Hi @bilal.atif 

 

Yes this is a classic 2-node deployment where each ISE Node will run Admin, Monitoring and Services.

The ISE HA ensures that the primary admin node (the one you log into the GUI) synchronises its config database with the other node. If Primary ISE node fails, then Secondary is a hot-standby. You have to manually promote the Standby node to log into the GUI to configure/view things - but the RADIUS/TACACS+/Web services will already be running same as the other node.

The NAD's (Switch/WLC/VPN) needs to have both ISE nodes configured as AAA servers and they will decide which server to use (based on things like health probes, dead timers etc.)

 

 

Top