Cisco Support Community
Community Member

ISE 1.2 step-by-step patch or direct to latest....and IPEP does it get any patches?

I am currently running ISE 1.1.3u1

Since I will basically have to redo my IPEPs to renew our SSL Certs, I am planning to just move up to 1.2.

Questions I have are:

Is there not a FULL install for 1.2u"latest"?

From my understanding I should be able to upgrade direct from 1.1.3 to 1.2 on my admin/policy/MnT node (VM) but my IPEPs will have to be totally recreated to move to 1.2. Is this correct?

Then once I am on 1.2, can I just jump to the latest update, or do I have to install each update one by one?

Something I just read made me think that the IPEPs won't be able to take the 1.2 patches, as in they will be stuck at with no updates, is this correct?



You can upgrade only

You can upgrade only Administration, Policy Service, and Monitoring nodes. Upgrades are not supported for Inline Posture Nodes (IPNs). For IPNs, you must reimage your appliance and perform a fresh installation.


ASA newer code is out IPN are

ASA newer code is out IPN are no longer required, may be Cisco will discontinue it.  Its better to shift to ASA for CoA

Community Member

This will definitely be my

This will definitely be my endgame.

But since this code just came out, I am not willing to jump direct to it, yet.

Also, I haven't found much documentation on how to make this transition, i.e., exactly what settings on the ASA will make it replace the IPN, and if any changes need to be made on the Admin/Policy/MnT server.

Then as soon as I make that transition, I will be able to rebuild the 3315 (have 2) to be failover between the two locations.

CreatePlease to create content