Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
676
Views
1
Helpful
2
Replies

vISE Azure Deployment Issue

Go to solution
DCoutinho93
Level 1
Level 1

ā€Ž06-09-2023 05:07 AM

Hello,

We have deployed ISE node in Azure. However, out of the box ISE application  is stuck in initializing.

No DNS, NTP or domain is correct for our environment, as it comes with defaults. Every time I try to change domain-name, ISE will restart its services and ISE is broken (access to Azure serial console stops working and I have to redeploy it.) 

Is there a way to stop ISE from restarting services when I change NTP, DNS or other configuration? 
I tried stopping (application ise stop) but then the services start after I change config.


Best Regards,
Diogo

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
thomas
Cisco Employee
Cisco Employee

ā€Ž06-20-2023 02:47 PM

You should provision the ISE node with NTP and DNS settings when you provision the node using the User data field.

Deploy Cisco Identity Services Engine Natively on Cloud Platforms > Cisco ISE on Azure Cloud Services:

Step 11

In the Management tab, retain the default values for the mandatory fields and click Next: Advanced.

Step 12

In the User data area, check the Enable user data check box.

In the User data field, enter the following information:

hostname=<hostname of Cisco ISE>
primarynameserver=<IPv4 address>
dnsdomain=<example.com>
ntpserver=<IPv4 address or FQDN of the NTP server>
timezone=<timezone>
password=<password>
ersapi=<yes/no>
openapi=<yes/no>
pxGrid=<yes/no>
pxgrid_cloud=<yes/no>

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Nancy Saini
Cisco Employee
Cisco Employee

ā€Ž06-09-2023 06:28 AM

It is expected for services to restart on ISE when you change the domain name, as it would change the FQDN of the server and all system certificates are required to be replaced with new FQDN. Hence, a service restart is needed and cannot be skipped.

For NTP, there should not be any service restart on the server.

Go to solution
thomas
Cisco Employee
Cisco Employee

ā€Ž06-20-2023 02:47 PM

You should provision the ISE node with NTP and DNS settings when you provision the node using the User data field.

Deploy Cisco Identity Services Engine Natively on Cloud Platforms > Cisco ISE on Azure Cloud Services:

Step 11

In the Management tab, retain the default values for the mandatory fields and click Next: Advanced.

Step 12

In the User data area, check the Enable user data check box.

In the User data field, enter the following information:

hostname=<hostname of Cisco ISE>
primarynameserver=<IPv4 address>
dnsdomain=<example.com>
ntpserver=<IPv4 address or FQDN of the NTP server>
timezone=<timezone>
password=<password>
ersapi=<yes/no>
openapi=<yes/no>
pxGrid=<yes/no>
pxgrid_cloud=<yes/no>
0 Helpful
Customers Also Viewed These Support Documents