cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

129
Views
0
Helpful
2
Replies
Highlighted

ISE and HA

Hi Guys,

what is the solution or configuration should. Be done in case all policy nodes of ISE went down and were not responding?

let's say it's emergency and both ISE got a hardware failure.

how can i bypass it or give full access to users without depending on ISE? Is it aaa config?

regards

2 REPLIES 2
Highlighted
VIP Advocate

This would be more on the

This would be more on the network device side (switch, controller). On switches, you can configure the "authentication event server dead action" on the switchport to authorize it to a particular vlan that has required access. You can also authorize the voice vlan functionality this way.

For Wireless, I am not sure if there is a way to do the above. A workaround for this would be to broadcast a new SSID without authentication till the ISE comes back up.

Highlighted
Cisco Employee

On WLC you set Authentication

On WLC you set Authentication priority order