ANNOUNCEMENT - The community will be down for maintenace this Thursday August 13 from 12:00 AM PT to 02:00 AM PT. As a precaution save your work.
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

666
Views
0
Helpful
3
Replies
Highlighted
Beginner

ISE "Endpoints Disconnected" details

I have ISE at 1.4 patch 11. On the Dashboard page if I click on "Active Endpoints" I will receive a breakdown of endpoints on my network. Connected, Failed, Disconnected, and Total.

I am wondering what defines an endpoint that is in the "Disconnected" category. They all seem to have timestamps for the current day and when I check on the device it will be on the network and authorized.

Does anybody have the strict definitions of what makes an endpoint a "Disconnected" endpoint?

 

 

 

3 REPLIES 3
Highlighted
Participant

Re: ISE "Endpoints Disconnected" details

I suppose the real question is, why are connected Clients showing as disconnected, but I don't know the answer to that I'm afraid. Sorry.

 

FYI, ISE v1.4 has a pretty limited useful life ahead of it, see here;

https://www.cisco.com/c/en/us/products/collateral/security/identity-services-engine/eos-eol-notice-c51-738841.html

Highlighted
Beginner

Re: ISE "Endpoints Disconnected" details

Hello,
Thanks for the link to 1.4 End-of-Life.
I recently made the attempt to go to 2.2 from our existing 1.4 but the upgrade failed. We are using Cisco 3495 appliances and I am now told that the 3495's may not be up to the task of running 2.2. We may have to upgrade to new appliances soon.
Thanks again,

Highlighted
Participant

Re: ISE "Endpoints Disconnected" details

3495s are supported on v2.3 so they're fine for that, just keep an eye on the scalability / performance of it all.  There are some interesting stats about that here;

 

https://communities.cisco.com/docs/DOC-68347

 

I'm not surprised the upgrade failed to be honest - they're not very reliable from 1.x.

 

I'd suggest the best two things to try (depending on the kit you have available) are to try the Upgrade Readiness Tool (which will also attempt to fix any bad data, which is a known cause of failed upgrades - see release notes for details), or alternatively, factory reset one appliance and install a fresh ISE v2.3 patch 3, then import a backup to it from your old 1.4 ISE.