Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1463
Views
5
Helpful
3
Replies

Secondary ISE auth requests

Go to solution
manvik
Level 3
Level 3

‎04-03-2022 11:58 PM

Can secondary ISE serve any authentication requests? Current setup is primary ISE at DC and secondary ISE at DR. 
Testing anyconnect VPN via DR. Since DR ISE is in a secondary role, can it server the authentication requests from DR ASA.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP
In response to manvik

‎04-04-2022 03:25 AM

@manvik Yes, you should be able to see the authentications in the DC ISE Logs. DC/DR are part of the same cluster, the Primary MnT will log traffic for any PSN in the cluster, regardless of where it is physically located.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Rob Ingram
VIP
VIP

‎04-04-2022 12:36 AM

@manvik I assume these ISE nodes part of the same cluster? If so, then as long as the secondary node is running the PSN persona then yes it can authenticate requests from the DR ASA. It's the configuration of the ASA which is configured with the PSN and which PSN to prefer.

Go to solution
manvik
Level 3
Level 3
In response to Rob Ingram

‎04-04-2022 01:47 AM

yes, ISE nodes are part of same cluster. currently the authentication is not working, can DR ISE logs viewed from DC ISE in same cluster.

0 Helpful

Go to solution
Rob Ingram
VIP
VIP
In response to manvik

‎04-04-2022 03:25 AM

@manvik Yes, you should be able to see the authentications in the DC ISE Logs. DC/DR are part of the same cluster, the Primary MnT will log traffic for any PSN in the cluster, regardless of where it is physically located.

0 Helpful
Customers Also Viewed These Support Documents