Solved: ISE 2.3 Setting default Authentication Policy to DenyAccess will delete Auth Policy

Arne Bier · ‎11-20-2017

Running ISE 2.3 patch 1 and I noticed today that when I change the Authentication Policy Default to "Deny Access" then the entire Authentication Policy gets wiped out, and there is no way to rebuild it.

Only way is to delete the entire Policy Set and start again. Is it no longer allowed to make the default Auth Policy DenyAccess?

hariholla · ‎11-21-2017

You are hitting CSCvg44615 looks like.

~Hari

View solution in original post

hariholla · ‎11-21-2017

You are hitting CSCvg44615 looks like.

~Hari

Arne Bier · ‎11-21-2017

I have to say these bugs are getting a bit rediculous now.

hslai · ‎11-21-2017

There is a hot patch for this. Please ask TAC to request for it.

Arne Bier · ‎11-21-2017

I opened a TAC case today and the TAC jumped right onto it. But after some research it turns out this is not a trivial patch that can be applied. TAC informed me that it would take a few days to get it from BU.

At that point I decided to rather wait for the official patch because it sounded like it could turn into a mission and I don't want complications when the official patch is applied.

hslai · ‎11-21-2017

If your ISE 2.3 has no other hot patches applied yet, the existing hot patch should work. If you share the case number, I can take a look and check for the particular.