11-01-2016 01:26 AM - edited 03-11-2019 12:11 AM
Hi ,
I have 2 ISE nodes, 1 Node is primary and other one is secondary. As per my understanding only the primary node should authenticate and authorize the endpoint.
But in my case, i see both node are authenticating and authorizing the endpoint.
kindly assist on how it works or on my understanding if right.
Any help would be Appreciated.
Thanks&Regards
Laxmi
Solved! Go to Solution.
11-01-2016 09:40 AM
Hello Laxmi-
I would recommend you check out and read the link below:
With ISE you have "personas" that can be enabled on different ISE nodes. The "personas" are really services that can be enabled/disabled on each node based on the deployment that you have in place.
The current ISE "personas" are:
1. Administration
2. Monitoring
3. Policy Services
4. pxGrid
The Policy Services persona is essentially what makes a node AAA RADIUS server. Having that service enabled allows the node to process authentications and authorization requests. Thus, each Policy Services node needs to be configured as AAA server in your Network Access Devices (Switches, WLCs, ASAs, etc).
When you have a distributed deployment, you dedicate nodes to individual personas. However, in a single/dual node deployment, all of the personas are running on your nodes.
I hope this helps!
Thank you for rating helpful posts!
11-01-2016 09:40 AM
Hello Laxmi-
I would recommend you check out and read the link below:
With ISE you have "personas" that can be enabled on different ISE nodes. The "personas" are really services that can be enabled/disabled on each node based on the deployment that you have in place.
The current ISE "personas" are:
1. Administration
2. Monitoring
3. Policy Services
4. pxGrid
The Policy Services persona is essentially what makes a node AAA RADIUS server. Having that service enabled allows the node to process authentications and authorization requests. Thus, each Policy Services node needs to be configured as AAA server in your Network Access Devices (Switches, WLCs, ASAs, etc).
When you have a distributed deployment, you dedicate nodes to individual personas. However, in a single/dual node deployment, all of the personas are running on your nodes.
I hope this helps!
Thank you for rating helpful posts!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide