Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1375
Views
10
Helpful
4
Replies

ISE 2.3 to 2.4 Upgrade

Go to solution
Jason Maynard
Cisco Employee
Cisco Employee

‎09-20-2018 07:46 AM

Hi TME's

 

Got the following from a customer and want some field guidance. "We're currently running a Cisco ISE deployment (2 nodes) on code version 2.3 patch 4. There is a project in-flight to deploy guest services that is nearing the tail end. A few minor bugs have cropped up that we believe are fixed in ISE version 2.4. When the PARTNER spoke with Cisco TAC they were told the upgrade from 2.3 to 2.4 can be problematic and they've seen a high number of failures. The recommendation they received was to backup the ISE configurations and databases, rebuild our nodes on the new code version and then restore. This is going to require a fair amount of effort and disruption to our environment. I'm hoping you can help with a few things,

 

  • Can you confirm this is the true recommended approach and if there are any alternatives? Are other customers going through this same process and challenge?

Thanks,
Jason

1 person had this problem
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎09-20-2018 08:53 AM

Yes that is correct as another approach. You should however be using the Upgrade readiness tool and working through with the TAC if run into issues so they can be caught.

Here is a guide for upgrades
https://community.cisco.com/t5/security-documents/ise-upgrades-best-practices/ta-p/3656934



View solution in original post

4 Replies 4

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎09-20-2018 08:53 AM

Yes that is correct as another approach. You should however be using the Upgrade readiness tool and working through with the TAC if run into issues so they can be caught.

Here is a guide for upgrades
https://community.cisco.com/t5/security-documents/ise-upgrades-best-practices/ta-p/3656934



Go to solution
Jason Maynard
Cisco Employee
Cisco Employee
In response to Jason Kunst

‎09-20-2018 05:36 PM

Thanks Jason!

0 Helpful

Go to solution
Alex Pfeil
Level 7
Level 7
In response to Jason Kunst

‎02-05-2019 10:01 AM

I was going to start with the upgrade readiness tool. Do you know if there is any risk to ISE production running this tool? Or, is it recommended to run during a maintenance timeframe?

0 Helpful

Go to solution
Damien Miller
VIP Alumni
VIP Alumni
In response to Alex Pfeil

‎02-05-2019 10:12 AM

Because you will run it on the secondary admin node, there is very little risk. I am comfortable running the URT on production because I have not had any issues in the past.

Not a bad idea to have a change ticket open just in case.
Customers Also Viewed These Support Documents