Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4311
Views
30
Helpful
9
Replies

CISCO Prime 3.4 job Identity Services Engine Failed

Go to solution
Nadia Bbz
Level 1
Level 1

‎12-25-2019 12:58 AM

Dear Team ,

i usually get job failed about Identity Services Engine Status

i don't know the reason for this error  as show attached

thanks for help

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Y C
Level 1
Level 1
In response to Nadia Bbz

‎01-02-2020 08:10 AM

Well, there's not much to adding the ISE server to prime - just username/password http timeout and port. Port is 443, timeout is 30.

 

Are you able to ping prime from the ISE monitor node ? Have you tried deleting the server from prime and set it back up?

 

Assuming no reachability issues and the proper id/pw, check the output of "ncs certvalidation tofu-certs listcerts" from prime. If the cert for your ISE server is listed, delete it using "ncs certvalidation tofu-certs listcerts" and then try re-adding it. If that doesn't work, it's a TAC case.

 

 

View solution in original post

9 Replies 9

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎12-25-2019 04:39 AM

I believe the attachment is missed here.

 

please check the admin guide and check the config on the admin GUI of prime as per the below document :

 

https://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/infrastructure/3-4/admin/guide/bk_CiscoPrimeInfastructure_3_4_AdminGuide/bk_CiscoPrimeInfastructure_3_4_AdminGuide_chapter_0101.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
Nadia Bbz
Level 1
Level 1
In response to balaji.bandi

‎12-26-2019 01:29 AM

Dear Team ,

yes i missed attached

thanks for help

Preview file
65 KB
Preview file
24 KB
Preview file
65 KB
0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to Nadia Bbz

‎12-26-2019 10:38 AM

Click on the job, click on the history or event should show the reason of failure.

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
Nadia Bbz
Level 1
Level 1
In response to balaji.bandi

‎12-29-2019 12:56 AM

hey,

the reason of failure :  no data is available

i don't know how to resolve it

 

0 Helpful

Go to solution
Y C
Level 1
Level 1
In response to Nadia Bbz

‎12-30-2019 03:42 PM

Under Administration > Servers > ISE Servers do you have your ISE servers setup there? They need to be the servers assuming the monitor personas if you have a distributed deployment. Is there status shown as reachable? If no to either question then I imagine it's normal for the job to fail.

0 Helpful

Go to solution
Nadia Bbz
Level 1
Level 1
In response to Y C

‎01-02-2020 12:35 AM

thanks for you help , yes the status of Identity Services Engine server unreachable

Identity Services Engine update failed : Some unexpected internal error has occurred.

how to configure it correctly

 

0 Helpful

Go to solution
Y C
Level 1
Level 1
In response to Nadia Bbz

‎01-02-2020 08:10 AM

Well, there's not much to adding the ISE server to prime - just username/password http timeout and port. Port is 443, timeout is 30.

 

Are you able to ping prime from the ISE monitor node ? Have you tried deleting the server from prime and set it back up?

 

Assuming no reachability issues and the proper id/pw, check the output of "ncs certvalidation tofu-certs listcerts" from prime. If the cert for your ISE server is listed, delete it using "ncs certvalidation tofu-certs listcerts" and then try re-adding it. If that doesn't work, it's a TAC case.

 

 

Go to solution
Nadia Bbz
Level 1
Level 1
In response to Y C

‎01-05-2020 10:47 AM

Thanks so much for your help

0 Helpful

Go to solution
bellil.amine
Level 1
Level 1
In response to Y C

‎12-07-2020 01:27 PM

it work for me,

 

to delete the old certificate use the cmd :

ncs certvalidation tofu-certs deletecert host <iseIPaddress_port>

 

thank you Y C.

Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card