cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
345
Views
2
Helpful
5
Replies

ISE server not responding

Robo123
Level 1
Level 1

Hi All,

i have the below setup where i am seeing Primary ISE server (ISE1) is not responding to My PC and it always getting response from secondory server(ISE2).I have checked the Access switch config all looks fine.So currently i have done the packet capture on the Access switch Uplink and core end as well simultaniously.can some one help me to know how can i filter/check EAP packet communication in wireshark.

Robo123_0-1721327181815.png

 

5 Replies 5

for what you use ISE for SW admin or for client Access ?

MHM

client access (dot1x)

Good 
so there is two Server config under one group in access SW 
the access SW use random IP or specific IP ?
if you dont config specific IP then the FW can drop the traffic 
you need to use 

ip radius source-interface <vlan svi IP>

then in FW allow this IP to access both ISE

MHM

so there is two Server config under one group in access SW---> yes Primary server ISE1 & Secondary ISE2

ip radius source-interface <vlan svi IP> ---Switch Mgmt called here.

Note : Here the users are authenticating via Secanday ISE( ISE2 ) with out any issue not via ISE 1.so i am already captured PCAP file in all direction please he lp me to know the filer to check if the EAP packet is going towords Primay ISE server.

send to me pcap 

and do show server aaa <<- share this

MHM

Review Cisco Networking for a $25 gift card