This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
I have up and running ISE 2.1 appliance 3415. Its role is set to Primary. When I try to register other node as Secundary everything looks fine.
I get the status Pending, but then it fails with error.
I have reset-config to factory defaults on node I am trying to connect with no luck.
From just doing it myself make sure it resolves via DNS correctly and you have the certificate from the secondary in the primarys trusted certs with ISE authentication ticked.
What error are you getting?
DNS resloves correcly, certificates are trusted on both nodes and used for Infrastructure.
I have done this several time without problems up until now.
If DNS or certs are not ok, ISE stops you from even starting the sync.
In my case I have status in progress and then than error code with registraton or sync failed. Deregister node and register it again.
Remember that reverse DNS (PTR) records also must be in place for all ISE servers, if you only have forward records in DNS, it will fail once it tries to sync the nodes.
It's easy to test, do a "ping -a <ip of your ise server>", both should give you the name of your ise servers in DNS
Did you ever get this working? I am experiencing the same issue. I have three ISE nodes in the same node group and trying to add two more. Both of the new ise boxes will show up in the node list as in progress, and then fail after 3-4 hours. All of the boxes are running the same version, and ping -a works to all of the IP addresses.
It was the issue with certificates. Do you use wildcard certificates by any chance?
Certificates were good for authetication, but then replication failed as there was a duplicate :) certificate on secundary node. Go to self signed certificates, join and after successful join. Activate wildcard certificates again (if your issue is the same of course).