cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1255
Views
0
Helpful
4
Replies

editing ise 2.1 authorization policy

Meuserid1979
Level 1
Level 1

Hi experts,

after editing ise authorization policy (i.e. adding some conditions and then saving), does it requires a reboot to take effect?

i couldnt find any document mentioning about this. apparently i have an ise deployment and after editing the authorization policy by only saving, somthing weird is happening like, all the users are being redirected to the last rule which is deny access. which is suppose to match the first rule on top of it. but when the ise is rebooted evrything seems going back to normal.

thanks

chris

1 Accepted Solution

Accepted Solutions

hslai
Cisco Employee
Cisco Employee

Nope, the authorization policy updates should not need a reboot. If multi-node deployments, then there might be some replication delays. If it fairly reproducible, please open a TAC case if not already done.

View solution in original post

4 Replies 4

I have run into similar items where ISE seems to remember what the user was last using and seems to fail if that rule is missing etc.

I ran into this when I added a new MDM server, and changed the existing rule to point to the new server. ISE seemed to remember they were using the old server and just denied everyone. I had to purge their endpoints to get it to check the new server.

I guess all I can say is certain changes it does not like. Not sure if it's a time thing, but I find just making a new rule instead of changing and placing above the one to replace will eventually take over and you can remove the old rule.

thanks for the reply. I tried adding a new rule on top of the existing but resulted to the same issue

hslai
Cisco Employee
Cisco Employee

Nope, the authorization policy updates should not need a reboot. If multi-node deployments, then there might be some replication delays. If it fairly reproducible, please open a TAC case if not already done.

yes. I will probably do this . thanks