12-20-2021 12:56 AM - edited 12-20-2021 12:57 AM
Hello!
Does anyone know what Cisco's recommendations are about having different patches on my deployment.
My deployment has patch 3 of version 2.x but I am looking to upgrade only one node to patch 6 by CLI.
Will there be any compatibility issues between the rest of the nodes with patch 3 and the node with patch 6?
Thanks and have a nice day!
Solved! Go to Solution.
12-20-2021 09:35 AM
I've run in to some odd issues when I had a customer stop patching a deployment overnight. I would try to get all nodes on the same patch as quickly as possible starting with the primary admin node.
The CLI won't prevent you from doing a single node, but no one will recommend leaving it in this state or applying it to any node but the PAN first. In a distributed deployment I will usually patch a PSN second after the PAN to test/validate/pause. Then once confirmed things are still working with that node we finish up the patching work.
12-20-2021 01:56 AM
@JoseAlanis07669 no, you should run the same patch version across all nodes in your ISE cluster. I doubt Cisco even supports running different patches on the ISE nodes.
12-20-2021 09:35 AM
I've run in to some odd issues when I had a customer stop patching a deployment overnight. I would try to get all nodes on the same patch as quickly as possible starting with the primary admin node.
The CLI won't prevent you from doing a single node, but no one will recommend leaving it in this state or applying it to any node but the PAN first. In a distributed deployment I will usually patch a PSN second after the PAN to test/validate/pause. Then once confirmed things are still working with that node we finish up the patching work.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide