10-13-2024 09:29 PM
Added more served to PSN level , resolved the issue.
Which logs to check in real time to identify such issues.
10-13-2024 10:28 PM
Can you please explain what your issue is, and what the question is?
10-13-2024 10:42 PM - edited 10-13-2024 10:43 PM
Initially thr was slowness reported, then my team added more IPs on PSN level, which resolved the issue. AD is also in good health as of now in the deployment at the moment.
I got above screen shot with some errors.
This is an AD log where we see some errors. We also saw some AUTH LATENCY logs on ISE dashboard, it was like 2 hours before. No recent logs post above change.
What can be checked/collected and proactively done. or any bug related to this.
10-13-2024 11:24 PM
What do you mean by "added more IPs on PSN level" ? Do you mean that you added more GigEth interfaces to a PSN node and then expected the ISE to get more processing throughput? Not sure that's how you scale the PSN. When Cisco BU do their performance scaling testing, they use a single 1GE interface to handle and process all the requests. The Ethernet is not the bottleneck. It's usually the disk on hardware appliances (SNS with spinning hard disks) or CPU and memory in general.
Is you PSN a VM or SNS server? What is the CPU/Mem/Disk spec?
If it takes 2 hours for Live Logs to appear, then I would suggest you open a TAC case. it sounds like your MNT nodes are suffering - especially if the RADIUS transactions are happening in a reasonable time (i.e. the user can tell you if they are connected within a period of say 5 seconds) then the issue is simply one of the MNT struggling to keep up. Do you have separate MNT nodes ?
There is no one specific bug for ISE issues - you have to be more specific about your questions.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide