cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

951
Views
10
Helpful
4
Replies
Jason Maynard
Cisco Employee

ISE 2.3 to 2.4 Upgrade

Hi TME's

 

Got the following from a customer and want some field guidance. "We're currently running a Cisco ISE deployment (2 nodes) on code version 2.3 patch 4. There is a project in-flight to deploy guest services that is nearing the tail end. A few minor bugs have cropped up that we believe are fixed in ISE version 2.4. When the PARTNER spoke with Cisco TAC they were told the upgrade from 2.3 to 2.4 can be problematic and they've seen a high number of failures. The recommendation they received was to backup the ISE configurations and databases, rebuild our nodes on the new code version and then restore. This is going to require a fair amount of effort and disruption to our environment. I'm hoping you can help with a few things,

 

  • Can you confirm this is the true recommended approach and if there are any alternatives? Are other customers going through this same process and challenge?

Thanks,
Jason

1 ACCEPTED SOLUTION

Accepted Solutions
Jason Kunst
Cisco Employee

Yes that is correct as another approach. You should however be using the Upgrade readiness tool and working through with the TAC if run into issues so they can be caught.

Here is a guide for upgrades
https://community.cisco.com/t5/security-documents/ise-upgrades-best-practices/ta-p/3656934



View solution in original post

4 REPLIES 4
Jason Kunst
Cisco Employee

Yes that is correct as another approach. You should however be using the Upgrade readiness tool and working through with the TAC if run into issues so they can be caught.

Here is a guide for upgrades
https://community.cisco.com/t5/security-documents/ise-upgrades-best-practices/ta-p/3656934



View solution in original post

Thanks Jason!

I was going to start with the upgrade readiness tool. Do you know if there is any risk to ISE production running this tool? Or, is it recommended to run during a maintenance timeframe?

Because you will run it on the secondary admin node, there is very little risk. I am comfortable running the URT on production because I have not had any issues in the past.

Not a bad idea to have a change ticket open just in case.
Content for Community-Ad