06-18-2018 01:21 AM - edited 02-21-2020 10:58 AM
Hi,
I have 2 ISE(Primary and Secondary) with version 2.2. I find, when I am in "Guest Portals" to do "Portal test URL", it will open the Guest portal from secondary ISE and the Website is not reachable. The Guest portal from Primary ISE is working very well.
I think, the 2 Guest portal Website should work (nothing to do with Primary or secondary?), has anyone one idee?
regards
Robin
Solved! Go to Solution.
06-26-2018 02:06 AM
Now I found the Problem, the admin installed the wildcard certificate for the Gastportal URL, but the Wildcard Certificate did not actived for portal in secondary.
thanks a lot @abraham!
06-18-2018 08:21 AM
The portal is configured on Primary PAN and the info replicated into secondary PAN and PSNs. The actual portal operation/service is provided by the PSN's. So the question is, do you have PSN persona configured on both ISE nodes?
06-20-2018 12:42 AM
hi Abraham,
thanks for the response.
there are just 2 Maschine(one Primary and one Secondary they are both service Node), Secondary is standby. no PSN persona.
regards
Robin
06-20-2018 10:35 AM
Post an screenshot of the deployment.
06-20-2018 10:43 AM - edited 06-20-2018 10:52 AM
If you are accessing the guest portal from here (see below), the URL points to ANY of the PSN in the deployment so the opened browser shows something like:
https://PSN-IP:8443/portal/PortalSetup.action?portal=10be2e90-8001-11e5-b027-3440b5d4e810
As I said before, post a deployment screenshot.
06-20-2018 11:55 PM
Hi Abraham,
thanks!
my Problem is:
I try to do the Portal test URL,it shows me the Portal URL from secondary ISE and i can not open the web site, i got "the website is not connected". User can just use the Portal URL from Primary. the both Portal URL were working before, now just the Primary, that confuse me.
Regards
Robin
06-21-2018 11:53 AM
Copy the URL from the displayed browser when you clicked TEST URL button in the Guest Portal and change the IP by the Secondary one and post the results. I am still waiting an screenshot from your deployment.
06-22-2018 03:58 AM
06-22-2018 08:14 AM - edited 06-22-2018 08:15 AM
I suspect you are hitting a bug. What version are you running?.
If it is possible on the secondary node, run: application stop ise, wait until all the services are stopped (around 3-5 minutes) and then run: reload to reboot the server. After that try again to run the guest portal using the URL.
06-25-2018 01:14 AM
Hi Abraham,
the version is 2.2 Patch 8, I saw there is new Patch 9 from last week, i will try to install it and try again.
Regards
Robin
06-26-2018 02:06 AM
Now I found the Problem, the admin installed the wildcard certificate for the Gastportal URL, but the Wildcard Certificate did not actived for portal in secondary.
thanks a lot @abraham!
06-26-2018 08:13 AM - edited 06-26-2018 08:13 AM
Nice catch, I missed that part. However, I am wondering if you mean by wildcard a SAN Certificate instead of a wildcard one. I only use wildcard cert for 802.1x as suggested by Cisco in the following screenshots (aaron woland cisco expert). In any case, SAN or Wildcard cert must be loaded to each PSN node in the deployment using Primary PAN.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide