This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
I am running ISE 2.6 p1 in a distributed setup with separate Pri admin, Sec admin, Pri monitor, Sec montitor and a few PSN.
I have a wierd issue that then the PSN loose connection to the primary admin node then posture fail. Anyconnect stays on "Checking requirement 1 of 1" for a while and then gives me error "Posture failed due to server issues".
The only requirement I have is to check if the antimalware software is installed or not.
According to the documentation from Cisco the admin node should be able to fail without impacting posture.
I can't figure out why the admin node is required to be online for posture to work. Do you have any idea?
Solved! Go to Solution.
I did some tests with failover. During the time of failover Posture does not work, but as son as PAN2 becomes Primary admin then Posture starts working.
If I cut the connection between PSN and both PANs then Posture stops working.
In the switch I can see that user authentication is successfull, but then nothing more happens.
The switch and PSN are on the same VLAN.
I have gathered DART logs, but I am unsure what too look for. At first glance I dont see anything special that can be wrong.
What I fail to understand is why PSN needs connection to PAN when the only thing I am doing is checking if AVG Antivirus is installed on the computer.
are you having Posture's issues when Primary PAN is shutdown, but Posture has no issues when Primary PAN has the Database Server state as running and the Application Server still in the initializing state?
PS.: check ISE's process state with show application status ise.
Hope this helps !!!