Showing results for 
Search instead for 
Did you mean: 

ISE 2.1 unable to register secondary node

Level 1
Level 1


I have up and running ISE 2.1 appliance 3415. Its role is set to Primary. When I try to register other node as Secundary everything looks fine.

I get the status Pending, but then it fails with error.

I have reset-config to factory defaults on node I am trying to connect with no luck.

Any ideas?

5 Replies 5

Level 1
Level 1

From just doing it myself make sure it resolves via DNS correctly and you have the certificate from the secondary in the primarys trusted certs with ISE authentication ticked.

What error are you getting?

DNS resloves correcly, certificates are trusted on both nodes and used for Infrastructure.

I have done this several time without problems up until now.

If DNS or certs are not ok, ISE stops you from even starting the sync.

In my case I have status in progress and then than error code with registraton or sync failed. Deregister node and register it again.

Remember that reverse DNS (PTR) records also must be in place for all ISE servers, if you only have forward records in DNS, it will fail once it tries to sync the nodes.

It's easy to test, do a "ping -a <ip of your ise server>", both should give you the name of your ise servers in DNS


Level 1
Level 1

Did you ever get this working? I am experiencing the same issue. I have three ISE nodes in the same node group and trying to add two more. Both of the new ise boxes will show up in the node list as in progress, and then fail after 3-4 hours. All of the boxes are running the same version, and ping -a works to all of the IP addresses. 

It was the issue with certificates. Do you use wildcard certificates by any chance?

Certificates were good for authetication, but then replication failed as there was a duplicate :) certificate on secundary node. Go to self signed certificates, join and after successful join. Activate wildcard certificates again (if your issue is the same of course).