upgrading cisco ise
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-10-2012 10:09 AM - edited 03-10-2019 07:52 PM
Hello,
We are planning to upgrade our ise boxes to 1.1.1.2xx version. I want to know which repository I should use for transferring the image? Which will be faster? sftp, ftp, tftp, http etc?
- Labels:
-
AAA
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-10-2012 06:02 PM
Ftp requires much less headache than sftp and is faster than tftp.
Sent from Cisco Technical Support Android App
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-10-2012 07:14 PM
Thanks Tarik.
We are going from 1.1.0.665 to v1.1.1.268 patch 5
Here are the steps I am going to take:
First install 1.1 patch 3 (per release notes)
then install version 1.1.1 upgrade bundle
finally install patch 1.1.1 patch 5
Are there any gotchas I need to be aware of well in advance?
We have a distributed deployment and will be following
http://www.cisco.com/en/US/docs/security/ise/1.1.1/upgrade_guide/upg_dis_dep.html for upgrade.
Thanks,
Kashish
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-11-2012 08:16 AM
Why not go straight to 1.1.2 instead? Are you upgrading a distributed deployment? If so how many nodes are in your deployment?
I know the administration node took me over 5 hours to fully upgrade, so when you upgrade the PSN nodes you may want to reset the database so it doesnt take as long. Can you please elaborate more on your setup?
Thanks,
Tarik Admani
*Please rate helpful posts*
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-11-2012 08:58 AM
Because of RNs (http://www.cisco.com/en/US/docs/security/ise/1.1.1/release_notes/ise111_rn.html#wp376240)
- Before you can upgrade to Cisco ISE, Release 1.1.1 from Release 1.1, you must first be sure you have applied Cisco Identity Services Engine Cumulative Patch 3 to your Release 1.1 machine(s)
Yes we have a distributed deployment.
2 admin/monitor nodes ( one primary , other secondary, both VMs)
4 PSNs (appliances)
I did not understand this: "
the administration node took me over 5 hours to fully upgrade, so when you upgrade the PSN nodes you may want to reset the database so it doesnt take as long."
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-11-2012 01:44 PM
I would recommend you wait until mid-January 2013.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-11-2012 07:24 PM
Kashish,
Keep in mind that PSN nodes when detached retain the application database, this causes more time during the upgrade since the database does go through some changes. My solution with one of my customers was to reset the application database, so that the data in this database is minimal when the upgrade is performed. When you rejoin this node to the new 1.1.2 administration node, it will pull the application database from this admin node.
So you want to follow the distributed deployment instructions on the upgrade which can be found in the install and upgrade guides in the ISE documentation.
Thanks,
Tarik Admani
*Please rate helpful posts*
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-05-2013 07:07 AM
fyi, the standalone upgrade to 1.2 took 3 hours on yesterday on a 3395 appliance. From what I could see, the monitoring database and database upgrade from 32-bit to 64-bit is what chewed up the most time.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-02-2013 02:48 AM
Please check the below link this may can be helpful for you:
Link-1:
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-02-2013 05:27 AM
Just to let you know, you guys are replying to a topic that is almost a year old. The question referenced 1.1.2 not 1.2.
FYI.
