02-06-2024 01:53 PM
Hello
We have an old ise 2.7 deployment with 2 notes.
The PPAN is fine but the Secondary is out of sync since along time.... (several months)
Looks they can not communicate anymore. We need of course to check dns, ntp , certs and network connectivity....
In case everything is fine with the above options but still not in sync, is it possible to deregister/remove the secondary from pan and reset the secondary from scratch? I mean can we dereguster the span if it is un reachable from pan?
Regards
Solved! Go to Solution.
02-06-2024 04:51 PM
Yes, you can deregister a node that is not synchronized or reachable. You could then reset the failed node from the CLI using the 'application reset-config ise' command to rebuild it, import (if you saved the private key) or re-generate the Admin cert for the node, and register it back to the Primary PAN.
02-06-2024 04:51 PM
Yes, you can deregister a node that is not synchronized or reachable. You could then reset the failed node from the CLI using the 'application reset-config ise' command to rebuild it, import (if you saved the private key) or re-generate the Admin cert for the node, and register it back to the Primary PAN.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide