08-04-2018 07:36 AM
ISE-2.3.0.298 ( Patch 2)
MySet up
ISE1 and ISE2 and kept as below for load balancing.
Wireless user ISE2 as primary
Wired user ISE1 as primary
Normally the load balancing and 801.x working for wired and wireless and faced the issue with below circumstance as randomly.
Any connect ISE posture not performed in Primary Server-ISE1 when the network change happened from Wifi to wired.
For example, when WiFi and the primary LAN are connected in laptop, the agent restarted discovery and connected ISE 1 and when LAN is removed then agent restarted the discovery and connected to ISE 2 but when LAN connected back the agent restarted the discovery and shows as compliance but not connected with ISE1 and still connected to ISE2 and when checked the logs in the ISE and the switch we can see non-compliance and re direct URL placed.
Due to this User URL gets re directed and going to Client Provisioning Portal for Device Security Check,
Plz give some inputs.
Solved! Go to Solution.
08-05-2018 06:30 PM
You mentioned this happening randomly so please open a TAC case to work on it.
We would likely need capture the debug logs of ISE sessions and posture components, besides AnyConnect DART bundles.
08-05-2018 06:30 PM
You mentioned this happening randomly so please open a TAC case to work on it.
We would likely need capture the debug logs of ISE sessions and posture components, besides AnyConnect DART bundles.
08-06-2018 07:34 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide