cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3134
Views
15
Helpful
9
Replies

Downgrading from 2.4 to 2.3

bilclay
Cisco Employee
Cisco Employee

I'm guiding a customer through a downgrade from ISE 2.4 to ISE 2.3. They only care about configuration, not DB. Will I be able to export 2.4 config and import it into 2.3 or will it be a fully manual rebuild?

2 Accepted Solutions

Accepted Solutions

howon
Cisco Employee
Cisco Employee

Policy needs to be manually created. However, some elements such as NADs, NDGs, Profiling policies, users can be export/imported with minimal manipulation.

 

View solution in original post

2.4 has been out a while now and has several patches. Likely soon will be deemed the golden long term release. If you’re already on 2.4 and its working find in your deployment validations then leave it at 2.4

View solution in original post

9 Replies 9

howon
Cisco Employee
Cisco Employee

Policy needs to be manually created. However, some elements such as NADs, NDGs, Profiling policies, users can be export/imported with minimal manipulation.

 

bilclay
Cisco Employee
Cisco Employee

Thanks Howon - Final question: would that manipulation be something a customer could handle or likely TAC? If customer, do we have any public documentation around this?

howon
Cisco Employee
Cisco Employee

Customer would have to do it. It is fairly simple though and in many cases may not even be needed. For instance when you export NADs to CSV, the same exported CSV may not be imported directly and may need to be adjusted in terms of inclusion of certain columns for instance. If NADs are in NDG, then may need import NDG first prior to importing NADs for instance.

What was the reason for the downgrade may I ask?  I'm looking around for any issues, have a customer about to upgrade to 2.4. 

Hi 

 

Yes, I would like to know the same thing. What is the reason for downgrade?

Customer and partner choose ISE 2.4 for deployment this winter despite having no DNA or advanced features. They are integrating Meraki wireless and ISE together for Open SSID VLAN switching for staff/students on Chromebooks, iOS, Windows, macOS, andrioid.

 

Per SEVT I was told that the most recommended versions of ISE for stability would be #1 ISE 2.2 latest patch and #2 ISE 2.3 latest patch. Guidance around ISE 2.4 was only if the customer used DNA center or needed new features. To avoid stability and potential bugs I was guiding them towards ISE 2.3 since 2.2 GUI is so different.

 

Thoughts?

2.4 has been out a while now and has several patches. Likely soon will be deemed the golden long term release. If you’re already on 2.4 and its working find in your deployment validations then leave it at 2.4

Even better - thank you!

Damien Miller
VIP Alumni
VIP Alumni

Do they have a pre upgrade backup available?

Build a new 2.3 PAN and restore the backup from a 2.3 or pre 2.3 backup.