Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
232
Views
0
Helpful
5
Replies

ISE reimage using CISM

mothukuri
Level 1
Level 1

‎04-21-2025 08:22 AM

Hi All ,

We have SNS-3755-K9 in the production network.After installing it we have noticed that live logs of TACACS are not showing on the web portal.

what is the best way to re-image the ISE ? As per Cisco TAC re-iamge should be done to fix the issue.I have followed below steps but hen ISE was rebooting it was loading existing configuration and not asking for ip address etc as we are not getting option for setup.

Cisco Identity Services Engine Installation Guide, Release 3.1 - Install Cisco ISE [Cisco Identity Services Engine] - Cisco

any help would be highly appreciated .

 

 

 

Step 1

If you are installing Cisco ISE on a:

  • Cisco SNS appliance: Install the hardware appliance. Connect to CIMC for server management.

  • Virtual Machine: Ensure that your VM is configured correct.

Step 2

Download the Cisco ISE ISO image.

  1. Go to http://www.cisco.com/go/ise. You must already have valid Cisco.com login credentials to access this link.

  2. Click Download Software for this Product.

    The Cisco ISE image comes with a 90-day evaluation license already installed, so you can begin testing all Cisco ISE services when the installation and initial configuration is complete.

Step 3

Boot the appliance or the virtual machine.

  • Cisco SNS appliance:

    1. Connect to CIMC and log in using the CIMC credentials.

    2. Launch the KVM console.

    3. Choose Virtual Media > Activate Virtual Devices.

    4. Choose Virtual Media > Map CD/DVD and select the ISE ISO image and click Map Device.

    5. Choose Macros > Static Macros > Ctrl-Alt-Del to boot the appliance with the ISE ISO image.

    6. Press F6 to bring up the boot menu. A screen similar to the following one appears:

      Figure 1. Selection of Boot Device
       

       

      Note

       

      • If the SNS appliances are placed in a remote location (for example, data centers), to which you do not have any physical access and need to perform CIMC install from remote servers, it might take long hours for installation. We recommend that you copy the ISO file on a USB drive and use that in the remote location to speed up the installation process.

      • Cisco ISE installation using CIMC may be affected by network speed, network stability, TCP segmentation, or other factors of the operating system. This may impact the speed and the time taken (approximately 30 minutes) for Cisco ISE installation.

      •  

 

 

 

 

 

0 Helpful
5 Replies 5

ahollifield
VIP
VIP

‎04-22-2025 06:49 AM

What is CISM?

0 Helpful

Dustin Anderson
VIP Alumni
VIP Alumni

‎04-22-2025 07:50 AM - edited ‎04-22-2025 07:56 AM

If you have access to the server it is recommended to make a bootable drive. Reloading through the CIMC is slow. When I tried it once it was estimated to take ~10 hours where a USB drive is under an hour.

 

Here is to make a bootable USB, you do have to edit some files.

https://www.cisco.com/c/en/us/td/docs/security/ise/3-1/install_guide/b_ise_InstallationGuide31/b_ise_InstallationGuide31_chapter_4.html 

0 Helpful

davidgfriedman
Level 1
Level 1

‎04-22-2025 08:16 AM - edited ‎04-22-2025 08:16 AM

I read you showed ISE 3.1 documentation, but I wanted you to know that once you've upgraded to ISE 3.2 patch 5 or higher, assuming you can still login to the system, you can scp the ISO file to the ISE local disk and reinstall / rebuild directly from the CLI, no remote mounting and no USB required. We have needed this a few times to rebuild troubled physical appliances / nodes.

>  For this reason, ISE 3.2 Patch 5 introduces a new feature that allows the user to reinstall ISE using the command line, saving around 40 minutes. The feature is Localized ISE installation. On command line run the command application configure ise which displays this new option: [36] Localised ISE Install. 

Regards,
David

0 Helpful

mothukuri
Level 1
Level 1
In response to davidgfriedman

‎04-22-2025 09:20 AM

Hi David ,

Thank you for the detailed explanation.

We have below patch and ISE version running on the ISE box.

Cisco Identity Services Engine
---------------------------------------------
Version      : 3.3.0.430
Build Date   : XXXXXXXX
Install Date : XXXXXXXX

 

Cisco Identity Services Engine Patch
---------------------------------------------
Version      : 4
Install Date : XXXXXXX

I have gone through below info provided by you via url 

(https://www.cisco.com/c/en/us/td/docs/security/ise/3-1/install_guide/b_ise_InstallationGuide31/b_ise_InstallationGuide31_chapter_3.html)

For this reason, ISE 3.2 Patch 5 introduces a new feature that allows the user to reinstall ISE using the command line, saving around 40 minutes. The feature is Localized ISE installation. On command line run the command application configure ise which displays this new option: [36] Localised ISE Install. 

I have few questions . Do i need to install patch 5 before OS installation via command application configure ISE .

Could you please provide me steps or url which can be referred while performing OS install via CLI.

 

 

 

 

 

 

0 Helpful

Marcelo Morais
VIP
VIP
In response to mothukuri

‎04-22-2025 10:50 PM

Hi @mothukuri ,

 please take a look at: ISE - Localized Installation.

 

Hope this helps !!!

 

0 Helpful
Customers Also Viewed These Support Documents