07-09-2019 05:29 AM - edited 07-09-2019 05:33 AM
Hi,
I am running ISE 2.4 and Firepower FTD 6.4 with the ANC function to quarantine endpoints, and that has been working fine, but we recently changed ISE servers and ran into problems. On the Firepower side I have created new certificates and configured the pxGrid services with the new ISE servers, etc. The pxGrid part is working, so I know the communication to the new ISE servers is working.

However, when trying to trigger a quarantine event from Firepower, I get the following error message: "ISE was contacted, but it couldn't find a session for the specified IP address". I then tried to manually apply the ANC policy directly from ISE, but I get a "Session lookup Failure" when trying to apply it to the endpoint. I also see this error in the Context visibility menu: "15039 Rejected per authorization profile". However, I can see the authenticated endpoint in both the switch and in the RADIUS live log, so the authentication part seems to work fine.

I have tried to recreate the same ANC policy that we used in our old ISE server, but I guess something is missing. Any ideas on how I can troubleshoot this?
Thanks and regards
/Jörgen