Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2544
Views
55
Helpful
7
Replies

Patch ISE 2.6 patch-4 to patch-10

Go to solution
adamscottmaster2013
Level 3
Level 3

‎09-29-2021 11:02 AM

I have two nodes ISE running ISE 2.6 patch-4 on SNS-3615K9 in this configuration:

 

node1:  Primary Admin, Primary MNT, PSN

node2:  Secondary Admin, Secondary MNT, PSN

 

I would like to patch them from patch-4 to patch-10.  Is it just as simple as downloading patch 10 ise-patchbundle-2.6.0.156-Patch10-21081000.SPA.x86_64.tar.gz (3.2GB in size) and from the UI:  Administration ---> Maintenance --> Patch Management and load up ise-patchbundle-2.6.0.156-Patch10-21081000.SPA.x86_64.tar.gz.  Is it that simple?

 

How long will it to install the patch? a couple of hours?

 

TIA

2 Accepted Solutions

Accepted Solutions

Go to solution
Damien Miller
VIP Alumni
VIP Alumni
In response to Marcelo Morais

‎09-29-2021 04:52 PM

This is 2.6 p4 which was very much deferred. It was deferred due to this catastrophic sev 1 profiling bug. 
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvt18276

View solution in original post

7 Replies 7

Go to solution
Rob Ingram
VIP
VIP

‎09-29-2021 11:11 AM

@adamscottmaster2013 

Yes. When you install a patch from the Primary PAN that is part of a two-node deployment, Cisco installs the patch on the primary node and then on the secondary node. If the patch installation is successful on the Primary PAN, Cisco then continues patch installation on the secondary node. If it fails on the Primary PAN, the installation does not proceed to the secondary node.

 

https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/215406-patch-installation-on-ise-and-faq-durin.html

 

The patch install can take up to 1 hour, take all precautions - backups etc

 

Go to solution
adamscottmaster2013
Level 3
Level 3
In response to Rob Ingram

‎09-29-2021 11:47 AM

@Rob Ingram:  Thank you.  Take up to 1 hour.  Is that for each node or both nodes?

Go to solution
Rob Ingram
VIP
VIP
In response to adamscottmaster2013

‎09-29-2021 12:04 PM

@adamscottmaster2013 up to 1 hour per node, likely less though.

Go to solution
adamscottmaster2013
Level 3
Level 3

‎09-29-2021 01:19 PM

@Rob Ingram:   I notice that patch-4 is no longer available on Cisco website.  Does it mean that this patch has issue and had to be pulled from Cisco website?  What is the likelihood that I will have issue with patching from patch-4 to patch-10?

Go to solution
Marcelo Morais
VIP
VIP
In response to adamscottmaster2013

‎09-29-2021 04:06 PM

Hi @adamscottmaster2013 ,

 1st, please take a look at Cisco ISE 2.4 Release Notes. search for Patch 4.

 2nd, although 2.4 P4 is not on the Deferred Release, please take a look at this post: ISE 2.4 Patch 4 Warning + Release Notes Feedback.

Note: the last release of 2.4 is Patch 14 since Apr, 2021.

 

Hope this helps !!!

Go to solution
Damien Miller
VIP Alumni
VIP Alumni
In response to Marcelo Morais

‎09-29-2021 04:52 PM

This is 2.6 p4 which was very much deferred. It was deferred due to this catastrophic sev 1 profiling bug. 
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvt18276

Go to solution
adamscottmaster2013
Level 3
Level 3
In response to Damien Miller

‎09-30-2021 04:33 AM

@Damien Miller:  Thanks.  Basically Cisco released a lemon.  So much for doing QA work

Customers Also Viewed These Support Documents