Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
998
Views
0
Helpful
7
Replies

Unable to Join ISE Secondary to Primary Server... Need Help !!!!

sai.naga1
Level 1
Level 1

‎11-08-2017 09:04 PM - edited ‎02-21-2020 10:38 AM

We had a working ISE 2.1 Patch 3 deployment of two nodes. The secondary node was showing some issues, hence we rebuilt the secondry server once again. The new secondary runs the same software version and patch level. Forward / Reverse DNS entries for both nodes exist. The Same CA which is a part of the primary was exported to secoundry server.
We have an issue with Node Registration, The error message we are getting is user name and password are incorrect.
Kindly help us in this regards.

This is a critical issue, help is needed ASAP.

 

Thank you in advance.

Labels:
0 Helpful
7 Replies 7

Mohammed al Baqari
Level 11
Level 11

‎11-08-2017 09:12 PM

Make sure that the certificate chain of primary is imported in secondary
trusted store and the certificate chain of the secondary is imported in
primary trusted store
0 Helpful

sai.naga1
Level 1
Level 1
In response to Mohammed al Baqari

‎11-08-2017 09:32 PM

During the initial Implementation of the ISE Server, new certificate has been imported from primary to secondary and secondary to primary. After some days, We did a re-image of the secondary server and re-configured it.
The Same certificate which was used during implementation was imported to secondary once again. Will the Importing of the old certificate, result in this issue ?
0 Helpful

Mohammed al Baqari
Level 11
Level 11
In response to sai.naga1

‎11-08-2017 09:58 PM

Yes, you need to import the current use cert
0 Helpful

Arne Bier
VIP
VIP

‎11-08-2017 10:08 PM

the username is: admin and the password is the password you use for the web GUI (not the CLI password)

0 Helpful

sai.naga1
Level 1
Level 1
In response to Arne Bier

‎11-08-2017 11:03 PM

We have integrated the ISE Server with Active Directory,... We are using an account which is a part of the super admin group in ise primary server.
This would make the normal admin as a super admin.
0 Helpful

sai.naga1
Level 1
Level 1

‎11-09-2017 02:01 AM

Folks... Help us
0 Helpful

Arne Bier
VIP
VIP
In response to sai.naga1

‎11-09-2017 03:00 AM

Can you log into the new ISE node's web GUI using the Internal admin user?  If yes, then use that admin and its password when registering that node on the Primary PAN.

What errors are you getting. Put some screen shots on this forum to help people help you.

Have you checked that DNS resolution is working on all nodes concerned?

Did you install the same server certificate that you used on the old server?  Did you assign Admin role when importing that cert?  Can you see that that cert is used when browsing to the Admin GUI?

 

0 Helpful
Customers Also Viewed These Support Documents