cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1729
Views
10
Helpful
4
Replies

Primary node was down (what kind will be behavior of all deployment ?)

lamodadotru
Level 1
Level 1

Hi everyone !

i have next deployment

Administration, Monitoring, Policy Service
SEC(A), SEC(M)
Administration, Monitoring, Policy Service
PRI(A), PRI(M)
Policy Service
 

what happen if i shutdown or do command application stop ise on ise-02 node, what will be kind of behavior ?

ise-01 and ise-02 proceed to work normal (authentication, authorization ) ?? and how long i can keep ise-02 is powered off

anyone tested it ??

Thank you !

 

 

1 Accepted Solution

Accepted Solutions

Damien Miller
VIP Alumni
VIP Alumni
What Paul said on the deployment not being officially supported. You are half way between a standalone (1/2 node) and hybrid deployment.

The admin guide also covers what features won't be available while the primary admin node is down.
https://www.cisco.com/c/en/us/td/docs/security/ise/2-7/admin_guide/workflow/html/b_deployment_2_7.html#ID59

View solution in original post

4 Replies 4

paul
Level 10
Level 10

First of all you are running an unsupported configuration.  Once you add a 3rd node you have to remove the policy service personas from the admin/monitoring nodes to be supported.  Not saying your setup doesn't work just saying it is not a supported deployment model.

 

If you stop the primary admin node the other two nodes will continue to process authentications just fine.  You won't  be able to administer the system until the primary comes back online or if you have PAN autofailover configured until the secondary admin is automatically pointed to primary.

 

Depending on what version you are running a reboot/service restart can take anywhere from 15-30 min.

 

 

Thank you !

Damien Miller
VIP Alumni
VIP Alumni
What Paul said on the deployment not being officially supported. You are half way between a standalone (1/2 node) and hybrid deployment.

The admin guide also covers what features won't be available while the primary admin node is down.
https://www.cisco.com/c/en/us/td/docs/security/ise/2-7/admin_guide/workflow/html/b_deployment_2_7.html#ID59

Thank you !
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: