cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

196
Views
0
Helpful
2
Replies

ISE and HA

Hi Guys,

what is the solution or configuration should. Be done in case all policy nodes of ISE went down and were not responding?

let's say it's emergency and both ISE got a hardware failure.

how can i bypass it or give full access to users without depending on ISE? Is it aaa config?

regards

2 REPLIES 2
Rahul Govindan
Advocate

This would be more on the network device side (switch, controller). On switches, you can configure the "authentication event server dead action" on the switchport to authorize it to a particular vlan that has required access. You can also authorize the voice vlan functionality this way.

For Wireless, I am not sure if there is a way to do the above. A workaround for this would be to broadcast a new SSID without authentication till the ISE comes back up.

Venkatesh Attuluri
Cisco Employee

On WLC you set Authentication priority order

Content for Community-Ad

This widget could not be displayed.