Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2069
Views
0
Helpful
10
Replies

Issue on my first installment of cisco ISE

Go to solution
Terry Lee
Level 1
Level 1

‎12-31-2014 04:00 AM - edited ‎03-10-2019 10:18 PM

Hi, Thanks in advance,

 

This is my first time of being implementing cisco ISE 1.1.4 with Vmware Esxi v5.5

 

I have done following processes so far

- Created NTP,DNS,AD, of course ESXI up and running and have connection between all of them, ISE is able to sync time with ntp server as well as DNS, AD etc. 

- I have created repository for installing application bundle - which is ise-appbundle-1.1.4.218.i386 as I could not find any application default.

However, while i was doing installation and it says '/opt/oracle/base/product/11.2.0/dbhome_1/bin/lsnrctl: error while loading shared libraries: libclntsh.so.11.1: cannot open shared object file: No such file or directory'. 

 

I already check few forums and communities and I have no problems on syncing times on dns with ntp as well as ISE itself with ntp.

I have no firewall between devices and no other network devices are interfering.

 

and At the end of the logs, It comes up like this

########################################################################################

ERROR : FAILED TO START DB!

Database is not available within timeout of 240 seconds.

This could be the result of incorrect network interface configuration,

or lack of resources on the appliance or VM. Please fix the issue and run the following CLI to re-prime database:

'application reset-config ise'

########################################################################################

Im just lost now... Any recommendation ?

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Terry Lee

‎12-31-2014 06:46 AM

Well it's true that the CCIE Security uses ISE 1.1 as its basis. So for lab-only setup with that purpose you could go with it.

90% of things look the same and the concepts are identical from 1.1 to 1.3. Early versions were buggy though and we recommend all production users go with 1.3.

A fresh install of 1.14 should be OK; but you would not use the ISE appbundle gz archive - you would use the ISO for fresh install.

Please see screenshot below.

 

View solution in original post

0 Helpful
10 Replies 10

Go to solution
jan.nielsen
Level 7
Level 7

‎12-31-2014 04:42 AM

What ISE version are you upgrading from, what patch level?

0 Helpful

Go to solution
Terry Lee
Level 1
Level 1
In response to jan.nielsen

‎12-31-2014 05:57 AM

Hi , Jan,

 

Im doing it from scratch. its v1.1.4 and I dont have any application on it so Im trying to installing it

 

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎12-31-2014 06:01 AM

If it's a lab or a greenfield installation I wouldn't even mess with ISE 1.1. There are a fair number of dependencies and complexities upgrading those earlier versions. Also, ISE 1.1 is not supported on VMware ESXi 5.5.

The current release is 1.3 and is better in almost every possible way.

0 Helpful

Go to solution
Terry Lee
Level 1
Level 1
In response to Marvin Rhoads

‎12-31-2014 06:10 AM

Thanks for your answer Marvin ,

 

I need to have ISE 1.1 up and running as Im preparing for my CCIE security LAB exam.

Is there many differences between 1.3 and 1.1 ?

 

As CCIE SECURITY covers ISE v1.1.

 

Regards.

 

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Terry Lee

‎12-31-2014 06:46 AM

Well it's true that the CCIE Security uses ISE 1.1 as its basis. So for lab-only setup with that purpose you could go with it.

90% of things look the same and the concepts are identical from 1.1 to 1.3. Early versions were buggy though and we recommend all production users go with 1.3.

A fresh install of 1.14 should be OK; but you would not use the ISE appbundle gz archive - you would use the ISO for fresh install.

Please see screenshot below.

 

0 Helpful

Go to solution
Terry Lee
Level 1
Level 1
In response to Marvin Rhoads

‎01-02-2015 06:56 PM

Thanks for your help Marvin

 

with ISO file, do I have to import its ISO file for application install?

I cannot find application ise by default once I install it on ESXi.

 

As my understanding , I have to install it first with ISO and import its file again with repository for application install

 

 

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Terry Lee

‎01-02-2015 07:19 PM

For an ISE 1.1.4 ISO , follow the procedure here to build an ISE server VM from scratch.

No repository is required or even involved during installation. Following the procedure will result in an operational ISE server (single node deployment with PAN, MnT and PSN personae) ready for creation of identity stores, authentication (AuthC) and authorization (AuthZ) policies etc.

0 Helpful

Go to solution
Terry Lee
Level 1
Level 1
In response to Marvin Rhoads

‎01-02-2015 07:26 PM

Thanks for your quick notice,

 

Do I have access to WEB GUI ?
 

0 Helpful

Go to solution
Terry Lee
Level 1
Level 1
In response to Marvin Rhoads

‎01-02-2015 07:45 PM

Ok,

 

Inline Posture Node is not supporting WEB GUI access, so how to start deploying WEB GUI? with this ? or do I have to change the deployment?

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Terry Lee

‎01-02-2015 08:16 PM

You've been asking about a primary ISE server - IPN  (Inline Posture Node) is a separate persona that exists by itself and only as part of a larger multi-server deployment.

An IPN does not have a web GUI. It's basically a repackaging on the old NAC appliance. It has only command line interface (cli) and is managed (other than setup) via the Primary Admin Node (PAN) in an ISE deployment.

If you installed the ise-appbundle ISO I showed above that would not include the IPN.

0 Helpful
Customers Also Viewed These Support Documents