06-04-2021 01:33 AM
We have an ISE deployment running 2.7 patch 3, and there seems to be some sort of mismatch (I'm guessing) between the MnT nodes, but I'm not 100% sure on that. On some occasions, the Radius Live Log shows all the info you'd expect, like so:
But then, suddenly, it will show something like this:
Only "Authorize Only" methods will be shown.
And it stays like this for 10 minutes or so before changing back to showing all expected info again.
Any ideas how to explain this?
Thanks
Solved! Go to Solution.
06-08-2021 06:33 AM
This points potentially some issue with the ISE M&T db. Please check the performance data of the MnT node(s) and engage Cisco TAC as needed.
06-05-2021 03:37 PM
The only difference here appears to be the SessionInfo status icons instead of the Pass/Fail/Session icons.
ISE refreshes your LiveLogs every 10 seconds according to your screen and after a while - "some occasions" as you say - you have a see Pass/Fails rather than only Session updates.
This is probably due to re-authentication intervals and RADIUS interim updates in your endpoint sessions.
Click on the session details icon to see what is happening or filter on a specific endpoint to see it's series of authentication events.
06-07-2021 12:45 AM
Thanks for replying Thomas. So I tried what you said, filtering on one endpoint, but the result is still the same. It first shows just the Session Info, then 10 minutes later, the Auth Passed records suddenly appear as well.
06-08-2021 06:33 AM
This points potentially some issue with the ISE M&T db. Please check the performance data of the MnT node(s) and engage Cisco TAC as needed.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide