Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
370
Views
1
Helpful
1
Replies

Secondary node not synced

Go to solution
REJR77
Level 1
Level 1

‎02-06-2024 01:53 PM

Hello

We have an old ise 2.7 deployment with 2 notes.

The PPAN is fine but the Secondary is out of sync since along time.... (several months)

Looks they can not communicate anymore. We need of course to check dns, ntp , certs and network connectivity....

In case everything is fine with the above options but still not in sync, is it possible to deregister/remove the secondary from pan and reset the secondary from scratch? I mean can we dereguster the span if it is un reachable from pan?

 

Regards

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Greg Gibbs
Cisco Employee
Cisco Employee

‎02-06-2024 04:51 PM

Yes, you can deregister a node that is not synchronized or reachable. You could then reset the failed node from the CLI using the 'application reset-config ise' command to rebuild it, import (if you saved the private key) or re-generate the Admin cert for the node, and register it back to the Primary PAN.

View solution in original post

1 Reply 1

Go to solution
Greg Gibbs
Cisco Employee
Cisco Employee

‎02-06-2024 04:51 PM

Yes, you can deregister a node that is not synchronized or reachable. You could then reset the failed node from the CLI using the 'application reset-config ise' command to rebuild it, import (if you saved the private key) or re-generate the Admin cert for the node, and register it back to the Primary PAN.

Customers Also Viewed These Support Documents