Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1587
Views
0
Helpful
3
Replies

ISE 2.6 replication status not Not Applicable

anuwat_n@mfec.co.th
Level 1
Level 1

‎05-28-2020 02:40 AM - edited ‎05-28-2020 02:43 AM

Hi All

We found issue.When we join HA.Node status on deployment in admin page both Connected but when we show tech-support. We found replication status on primary is not applicable and status on secondary is SYNC COMPLETED.

How to fix it ?

 

ISE2.JPG

 

ISE.JPG

0 Helpful
3 Replies 3

Surendra
Cisco Employee
Cisco Employee

‎05-28-2020 02:53 AM

That is expected behaviour since PAN does not replicate anything to itself. Hence it is not applicable. It only synchronizes data or replicates the data to the other nodes and hence the SYNC_COMPLETED status.
0 Helpful

anuwat_n@mfec.co.th
Level 1
Level 1
In response to Surendra

‎05-28-2020 03:02 AM

The real issue is when we configure authorization profile and configure policy in primary. If we make secondary to primary and verify authorization profile and configure policy. authorization profile are missing 

and when we test aaa-server authentication from ASA. primary node success but secondary node deny access. (Use same user and password)  

0 Helpful

Surendra
Cisco Employee
Cisco Employee
In response to anuwat_n@mfec.co.th

‎05-28-2020 04:53 AM

Then what it really means is that the replication is not working between the nodes. Check the connectivity on TCP port 12001 between the PSN and the PAN. PAN will listen on 12001.
0 Helpful
Customers Also Viewed These Support Documents