Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have an interesting issue on one of my ISE 2.4 (Patch 11) nodes. It has somehow managed to get two separate certs assigned to the "Default Portal Certificate Group". For example: Name: portal-ssl-1.ise Use: Portal Portal group tag: Default ...
We just discovered this bug when trying to add new PSNs to our existing rollout. It took a couple of days to figure out why, despite the appropriate permissions for the AD user and the exact OU string, the Join command kept failing with "Access Denie...
I am attempting to get the Profiler FeedService working in our ISE (2.4, Patch 9) deployment, but it keeps returning a non-helpful "null" error whenever I test it:Test result: Failure: FeedService test connection failed : Feed Service error : null **...
Hello, We're setting up a fully-distributed 2.4 ISE cluster across 3 datacenters. 2 of the DCs will have PAN and MnT nodes (primary/secondary, of course), and all 3 DCs will have at least 2 PSNs each. The PSNs are being load-balanced behind F5s. Th...
Okay, looks like it's really stuck in a weird way. It let me assign the self-signed cert to the Portal, but it only took the role away from "portal-ssl-1", leaving "portal-ssl-2" and the self-signed cert assigned to Default Portal duty. I'll either c...
We just ran into a similar problem, using ISE 2.4. After experimenting and playing around, it's seems to be a bug in how ISE sometimes handles Root Groups that used to have sub-groups and devices assigned - it doesn't always (behind the scenes) remov...
It's contacting ise.cisco.com (208.90.58.30), on port 8443, as one might expect. The problem, of course, is that I can't actually see what data errors are being passed back, since everything is encrypted. But it's definitely talking to the remote pro...
Thank you for the calculator link and the information. I know about the split-interface stuff, that's the way it's configured now, but we were trying to avoid the mess with static routes and other things that it entails. Based on some prelim numbers ...
