Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
672
Views
3
Helpful
8
Replies

Empty RADIUS and TACACS LiveLogs after restoring ISE from backup...

Go to solution
rezaalikhani
Spotlight
Spotlight

‎02-14-2024 08:41 AM - edited ‎02-14-2024 08:45 AM

Hi all;

Yesterday, due to a power outage in our environment, my ISE 3.2 patch 4 crashed and I restored it with the latest backup successfully (only the configuration backup, not the operational backup)... Everything works well except that the RADIUS and TACACS LiveLogs are empty, as you can see below:

rezaalikhani_0-1707928427397.png

rezaalikhani_1-1707928473570.png

rezaalikhani_2-1707928517911.png

The steps that I have taken so far:

1. Disabling the " Use "ISE Messaging Service" for UDP Syslogs delivery to MnT" option.

2. Regenerating a new certificate for "ISE Messaging Service"

3. Regenerating a new certificate for ISE Root CA.

Any ideas?

Thanks

 

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
rezaalikhani
Spotlight
Spotlight
In response to Arne Bier

‎02-14-2024 10:26 PM - edited ‎02-14-2024 10:27 PM

@Arne Bier  Some interesting things happened. Honestly, I decided to build my ISE deployment from scratch and so, blindly attempted other options beside your recommended option. Fortunately, the Option 1 --> Reset M&T Session Database did the trick.

Thanks anyway

 

View solution in original post

8 Replies 8

Go to solution
Aref Alsouqi
VIP
VIP

‎02-14-2024 08:59 AM

How many nodes do you have in your deployment? and where the MnT personas are enabled?

0 Helpful

Go to solution
rezaalikhani
Spotlight
Spotlight
In response to Aref Alsouqi

‎02-14-2024 09:16 PM

@Aref Alsouqi  I have implemented ISE in Standalone mode...

0 Helpful

Go to solution
ahollifield
VIP
VIP

‎02-14-2024 09:04 AM

Do you have queue link alarms?  Why did you disable the ISE Messaging Service? https://www.adamhollifield.com/2022/09/fix-cisco-ise-messaging-service.html

Go to solution
rezaalikhani
Spotlight
Spotlight
In response to ahollifield

‎02-14-2024 09:22 PM

@ahollifield I do not have any Queue Links error. I disabled that option because many threads in technical communities suggested that disabling it resolved their problems.

0 Helpful

Go to solution
Arne Bier
VIP
VIP

‎02-14-2024 12:05 PM

I had a case yesterday where an ISE 2.7 system just stopped producing any Live Logs. The M&T process had died due to a disk space issue. Somewhere deep in an Oracle database, that TAC engineer found a table that had metastasized well beyond its normal size. The /opt was 80% full. The solution was to Reset the M&T Database. 

application configure ise

 Option 4.

That reduced the /opt to 20% and all was well again.  I have never had to use this option in earnest. But it's a good one to keep in mind. Bear in mind it will restart the application services though.

In ISE 3.2 patch 4 the regen of Messaging CA and Internal CA should resolve any Queue Link errors ... at least in my experience.

Go to solution
rezaalikhani
Spotlight
Spotlight
In response to Arne Bier

‎02-14-2024 09:37 PM

@Arne Bier  I used Option 4 as you suggested but it did not resolve the problem...

0 Helpful

Go to solution
Arne Bier
VIP
VIP

‎02-14-2024 09:50 PM

What does show application status ise show you?  Is M&T process running?

Tried rebooting the node?

Are your ISE DNS records still same as before?  A and PTR records?

0 Helpful

Go to solution
rezaalikhani
Spotlight
Spotlight
In response to Arne Bier

‎02-14-2024 10:26 PM - edited ‎02-14-2024 10:27 PM

@Arne Bier  Some interesting things happened. Honestly, I decided to build my ISE deployment from scratch and so, blindly attempted other options beside your recommended option. Fortunately, the Option 1 --> Reset M&T Session Database did the trick.

Thanks anyway

 

Customers Also Viewed These Support Documents