Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2657
Views
10
Helpful
1
Replies

High Authentication Latency in PSN (ISE 2.4.0.357)

CSCO11895276
Level 1
Level 1

‎10-19-2020 11:07 AM

Hi,

 

I have been facing an issue from past one month where I get High Authentication Latency alerts suddenly and PSN starts dropping Auth requests.

Case with Cisco was opened and Cisco said that they are seeing latency in getting response from AD but i See in the reports that at the time of issue latency is there for the internal endpoints as well.

According to Cisco TAC, if AD is not responding properly on time then the ISE's threads are kept busy by AD which in turn is causing this internal endpoint latency as well.

I don't know if this is somehow possible or not.

anyone ever faced similar issue?

 

if Cisco employee wants to refer they can check case SR 689914685.

1 person had this problem
0 Helpful
1 Reply 1

Andrii Oliinyk
VIP
VIP

‎10-19-2020 12:06 PM

hi csco dude.

considering myself in your situation i'd try to collect & then make analysis of communications with AD using ISE' GUI tcpdump. usually it lasts for <=5 mins from GUI. thus if u need some more lasting capture remember CTAC can install rootpatch on your deployment enabling your tcpdump to last until your session finishes automatically.

good luck

Customers Also Viewed These Support Documents