cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
9685
Views
4
Helpful
26
Replies

ISE....uh.......No response from ISE node again...

jiyoung Kim
Level 1
Level 1

1.png

What is up with No Response from ISE Node ??

Even though it sounds like the PSN node can't communicate with AD, it does authenticate and retrieving Groups, and attrbitues.

How can I fix this ?

why is it saying 'No Response from ISE Node ?

26 Replies 26

Tarik Admani
VIP Alumni
VIP Alumni

Hi,

Is this in the Active Directory settings? If so, what are the hostnames of both nodes? ISE will continue to authenticate users based on the cache it has of AD, if you reboot the node then all authentications will fail. You may want to check and see if the computer account for ISE wasnt removed.

if this is in a lab environment you may need to check the status of the computer accounts and make sure there are still there.

Tarik Admani
*Please rate helpful posts*

I did not know the ISE makes cashes for authentcate users of AD.

also it was working fine, looked fine yesterday.

It will cache AD information such as user and groups. Also I would check dns settings..etc to see why the ise nodes are not connected to the AD domain.

Tarik Admani
*Please rate helpful posts*

the only thing I have changed is that certificate for EAP...

so I re-changed it to original one.

dns is working fine..

Plus.....when I try to retrieve AD group or attributes, it works...

Had the same issue, certificate had a typo, after adding correct certificate, problem was solved.

Venkatesh Attuluri
Cisco Employee
Cisco Employee

This issue can also arise if the Cisco ISE FQDN changes and/or the name of the

certificate imported on the client machine has changed.

Shut down or pause your Active Directory server and try to authenticate an user

to the network.

Ensure that your Active Directory domain and Cisco ISE are aligned to the same

NTP server source.

Hello,

I have the same problem. I integrated new servers in my ISE cluster and I also have this same message on three of them. On my secondary servers, the status is "CONNECTED" and if I do a test on the secondary server, it returns a Successful test, while the same from the primary on the secondary, it fails.

We don't have any FW or anything in between and all our ISE servers are pointing on the same NTP server.

Any advice ?

Many thanks,

David

It might be the cetificate issue.

If you use wildcard mask certificate, try with SAN in your certificate.

I do not have the SAN in the wildcard mask certificate that I used for ISE.

I am going to test this on Friday.

Hi,

I have three servers fully ok and three others with the warning status "No Response from ISE Node".

We used for all servers the same mechanism to generate certificate. We don't use SAN, nor wildcard. We are using certificate with the CN of each ISE.

Any idea ?

David

Hi,

Can you guys check the communication in the deployment tab from the Admin node, lets see if the replication is still enabled.

Also what version of ISE are you on? If on 1.1.x please run the command "show logging application ise tail" that should give you a list of all the ise nodes to ip mappings. I have seen dns issues where stale or duplicate records for ise can cause issues where the admin nodes will pull the wrong dns information at time.

Thanks,

Tarik Admani
*Please rate helpful posts*

Hi,

Communication is fine between all ISE nodes, replications is COMPLETE for all nodes.

I am running 1.1.4.218 with Patch 4 on all servers.

I have 4 servers in my 8 servers-deployment that are in that strange AD status.

The command "show logging application ise tail" does not show bad things. The DisplayName is always equal to the HostName which is the same as the HostAlias (with the domain name). Please see below.é

Any ideas ?

David

------

Wed Sep 04 11:49:44 CEST 2013 : Poller wakeup...

Wed Sep 04 11:49:45 CEST 2013 : HostConfig : gcncsl0001ise

Wed Sep 04 11:49:45 CEST 2013 :   DisplayName     : gcncsl0001ise

Wed Sep 04 11:49:45 CEST 2013 :   HostId          : 9cec53f0-151f-11e3-86da-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :   HostName        : gcncsl0001ise

Wed Sep 04 11:49:45 CEST 2013 :   HostAlias       : gcncsl0001ise.na.givaudan.com

Wed Sep 04 11:49:45 CEST 2013 :   CreateTime      : null

Wed Sep 04 11:49:45 CEST 2013 :   UpdateTime      : null

Wed Sep 04 11:49:45 CEST 2013 :   NodeServiceType : SESSION

Wed Sep 04 11:49:45 CEST 2013 :   MasterStatus    : NONE

Wed Sep 04 11:49:45 CEST 2013 :   NodeTypes       : PDP

Wed Sep 04 11:49:45 CEST 2013 :   NodeRoleStatus  : SECONDARY

Wed Sep 04 11:49:45 CEST 2013 :   NICInterfaces   :

Wed Sep 04 11:49:45 CEST 2013 :     0 Id          : 9cec53f3-151f-11e3-86da-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     0 IPAddress   : null

Wed Sep 04 11:49:45 CEST 2013 :     0 SubNetMask  : null

Wed Sep 04 11:49:45 CEST 2013 :     0 NicCards    : eth2

Wed Sep 04 11:49:45 CEST 2013 :     1 Id          : 9cec53f2-151f-11e3-86da-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     1 IPAddress   : null

Wed Sep 04 11:49:45 CEST 2013 :     1 SubNetMask  : null

Wed Sep 04 11:49:45 CEST 2013 :     1 NicCards    : eth1

Wed Sep 04 11:49:45 CEST 2013 :     2 Id          : 9cec53f1-151f-11e3-86da-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     2 IPAddress   : 10.97.32.223

Wed Sep 04 11:49:45 CEST 2013 :     2 SubNetMask  : 255.255.255.0

Wed Sep 04 11:49:45 CEST 2013 :     2 NicCards    : eth0

Wed Sep 04 11:49:45 CEST 2013 :     3 Id          : 9cec53f4-151f-11e3-86da-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     3 IPAddress   : null

Wed Sep 04 11:49:45 CEST 2013 :     3 SubNetMask  : null

Wed Sep 04 11:49:45 CEST 2013 :     3 NicCards    : eth3

Wed Sep 04 11:49:45 CEST 2013 : Checking HA status...

Wed Sep 04 11:49:45 CEST 2013 : Node gcncsl0001ise.na.givaudan.com is not an MNT node

Wed Sep 04 11:49:45 CEST 2013 : Ignoring node configuration for host gcncsl0001ise.na.givaudan.com

Wed Sep 04 11:49:45 CEST 2013 : HostConfig : gjucsl0001ise

Wed Sep 04 11:49:45 CEST 2013 :   DisplayName     : gjucsl0001ise

Wed Sep 04 11:49:45 CEST 2013 :   HostId          : 346a29c0-1177-11e3-86da-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :   HostName        : gjucsl0001ise

Wed Sep 04 11:49:45 CEST 2013 :   HostAlias       : gjucsl0001ise.ap.givaudan.com

Wed Sep 04 11:49:45 CEST 2013 :   CreateTime      : null

Wed Sep 04 11:49:45 CEST 2013 :   UpdateTime      : null

Wed Sep 04 11:49:45 CEST 2013 :   NodeServiceType : SESSION

Wed Sep 04 11:49:45 CEST 2013 :   MasterStatus    : NONE

Wed Sep 04 11:49:45 CEST 2013 :   NodeTypes       : PDP

Wed Sep 04 11:49:45 CEST 2013 :   NodeRoleStatus  : SECONDARY

Wed Sep 04 11:49:45 CEST 2013 :   NICInterfaces   :

Wed Sep 04 11:49:45 CEST 2013 :     0 Id          : 346a29c1-1177-11e3-86da-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     0 IPAddress   : 10.32.67.223

Wed Sep 04 11:49:45 CEST 2013 :     0 SubNetMask  : 255.255.254.0

Wed Sep 04 11:49:45 CEST 2013 :     0 NicCards    : eth0

Wed Sep 04 11:49:45 CEST 2013 :     1 Id          : 346a29c2-1177-11e3-86da-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     1 IPAddress   : null

Wed Sep 04 11:49:45 CEST 2013 :     1 SubNetMask  : null

Wed Sep 04 11:49:45 CEST 2013 :     1 NicCards    : eth1

Wed Sep 04 11:49:45 CEST 2013 :     2 Id          : 346a29c3-1177-11e3-86da-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     2 IPAddress   : null

Wed Sep 04 11:49:45 CEST 2013 :     2 SubNetMask  : null

Wed Sep 04 11:49:45 CEST 2013 :     2 NicCards    : eth2

Wed Sep 04 11:49:45 CEST 2013 :     3 Id          : 346a29c4-1177-11e3-86da-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     3 IPAddress   : null

Wed Sep 04 11:49:45 CEST 2013 :     3 SubNetMask  : null

Wed Sep 04 11:49:45 CEST 2013 :     3 NicCards    : eth3

Wed Sep 04 11:49:45 CEST 2013 : Checking HA status...

Wed Sep 04 11:49:45 CEST 2013 : Node gjucsl0001ise.ap.givaudan.com is not an MNT node

Wed Sep 04 11:49:45 CEST 2013 : Ignoring node configuration for host gjucsl0001ise.ap.givaudan.com

Wed Sep 04 11:49:45 CEST 2013 : HostConfig : gmicsl0001ise

Wed Sep 04 11:49:45 CEST 2013 :   DisplayName     : gmicsl0001ise

Wed Sep 04 11:49:45 CEST 2013 :   HostId          : af067300-10b4-11e3-86da-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :   HostName        : gmicsl0001ise

Wed Sep 04 11:49:45 CEST 2013 :   HostAlias       : gmicsl0001ise.na.givaudan.com

Wed Sep 04 11:49:45 CEST 2013 :   CreateTime      : null

Wed Sep 04 11:49:45 CEST 2013 :   UpdateTime      : null

Wed Sep 04 11:49:45 CEST 2013 :   NodeServiceType : SESSION

Wed Sep 04 11:49:45 CEST 2013 :   MasterStatus    : NONE

Wed Sep 04 11:49:45 CEST 2013 :   NodeTypes       : PDP

Wed Sep 04 11:49:45 CEST 2013 :   NodeRoleStatus  : SECONDARY

Wed Sep 04 11:49:45 CEST 2013 :   NICInterfaces   :

Wed Sep 04 11:49:45 CEST 2013 :     0 Id          : af067304-10b4-11e3-86da-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     0 IPAddress   : null

Wed Sep 04 11:49:45 CEST 2013 :     0 SubNetMask  : null

Wed Sep 04 11:49:45 CEST 2013 :     0 NicCards    : eth3

Wed Sep 04 11:49:45 CEST 2013 :     1 Id          : af067302-10b4-11e3-86da-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     1 IPAddress   : null

Wed Sep 04 11:49:45 CEST 2013 :     1 SubNetMask  : null

Wed Sep 04 11:49:45 CEST 2013 :     1 NicCards    : eth1

Wed Sep 04 11:49:45 CEST 2013 :     2 Id          : af067301-10b4-11e3-86da-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     2 IPAddress   : 10.96.67.223

Wed Sep 04 11:49:45 CEST 2013 :     2 SubNetMask  : 255.255.252.0

Wed Sep 04 11:49:45 CEST 2013 :     2 NicCards    : eth0

Wed Sep 04 11:49:45 CEST 2013 :     3 Id          : af067303-10b4-11e3-86da-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     3 IPAddress   : null

Wed Sep 04 11:49:45 CEST 2013 :     3 SubNetMask  : null

Wed Sep 04 11:49:45 CEST 2013 :     3 NicCards    : eth2

Wed Sep 04 11:49:45 CEST 2013 : Checking HA status...

Wed Sep 04 11:49:45 CEST 2013 : Node gmicsl0001ise.na.givaudan.com is not an MNT node

Wed Sep 04 11:49:45 CEST 2013 : Ignoring node configuration for host gmicsl0001ise.na.givaudan.com

Wed Sep 04 11:49:45 CEST 2013 : HostConfig : gsrcsl0001ise

Wed Sep 04 11:49:45 CEST 2013 :   DisplayName     : gsrcsl0001ise

Wed Sep 04 11:49:45 CEST 2013 :   HostId          : 305e3f30-147c-11e3-86da-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :   HostName        : gsrcsl0001ise

Wed Sep 04 11:49:45 CEST 2013 :   HostAlias       : gsrcsl0001ise.ap.givaudan.com

Wed Sep 04 11:49:45 CEST 2013 :   CreateTime      : null

Wed Sep 04 11:49:45 CEST 2013 :   UpdateTime      : null

Wed Sep 04 11:49:45 CEST 2013 :   NodeServiceType : SESSION

Wed Sep 04 11:49:45 CEST 2013 :   MasterStatus    : NONE

Wed Sep 04 11:49:45 CEST 2013 :   NodeTypes       : PDP

Wed Sep 04 11:49:45 CEST 2013 :   NodeRoleStatus  : SECONDARY

Wed Sep 04 11:49:45 CEST 2013 :   NICInterfaces   :

Wed Sep 04 11:49:45 CEST 2013 :     0 Id          : 305e3f31-147c-11e3-86da-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     0 IPAddress   : 10.32.128.223

Wed Sep 04 11:49:45 CEST 2013 :     0 SubNetMask  : 255.255.255.0

Wed Sep 04 11:49:45 CEST 2013 :     0 NicCards    : eth0

Wed Sep 04 11:49:45 CEST 2013 :     1 Id          : 305e3f32-147c-11e3-86da-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     1 IPAddress   : null

Wed Sep 04 11:49:45 CEST 2013 :     1 SubNetMask  : null

Wed Sep 04 11:49:45 CEST 2013 :     1 NicCards    : eth1

Wed Sep 04 11:49:45 CEST 2013 :     2 Id          : 305e3f34-147c-11e3-86da-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     2 IPAddress   : null

Wed Sep 04 11:49:45 CEST 2013 :     2 SubNetMask  : null

Wed Sep 04 11:49:45 CEST 2013 :     2 NicCards    : eth3

Wed Sep 04 11:49:45 CEST 2013 :     3 Id          : 305e3f33-147c-11e3-86da-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     3 IPAddress   : null

Wed Sep 04 11:49:45 CEST 2013 :     3 SubNetMask  : null

Wed Sep 04 11:49:45 CEST 2013 :     3 NicCards    : eth2

Wed Sep 04 11:49:45 CEST 2013 : Checking HA status...

Wed Sep 04 11:49:45 CEST 2013 : Node gsrcsl0001ise.ap.givaudan.com is not an MNT node

Wed Sep 04 11:49:45 CEST 2013 : Ignoring node configuration for host gsrcsl0001ise.ap.givaudan.com

Wed Sep 04 11:49:45 CEST 2013 : HostConfig : gvecsl0001ise

Wed Sep 04 11:49:45 CEST 2013 :   DisplayName     : gvecsl0001ise

Wed Sep 04 11:49:45 CEST 2013 :   HostId          : cf0e4260-b1a3-11e2-87c5-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :   HostName        : gvecsl0001ise

Wed Sep 04 11:49:45 CEST 2013 :   HostAlias       : gvecsl0001ise.emea.givaudan.com

Wed Sep 04 11:49:45 CEST 2013 :   CreateTime      : null

Wed Sep 04 11:49:45 CEST 2013 :   UpdateTime      : null

Wed Sep 04 11:49:45 CEST 2013 :   NodeServiceType : unknown

Wed Sep 04 11:49:45 CEST 2013 :   MasterStatus    : STANDBY

Wed Sep 04 11:49:45 CEST 2013 :   NodeTypes       : PAP MNT

Wed Sep 04 11:49:45 CEST 2013 :   NodeRoleStatus  : PRIMARY

Wed Sep 04 11:49:45 CEST 2013 :   NICInterfaces   :

Wed Sep 04 11:49:45 CEST 2013 :     0 Id          : cf0e4262-b1a3-11e2-87c5-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     0 IPAddress   : null

Wed Sep 04 11:49:45 CEST 2013 :     0 SubNetMask  : null

Wed Sep 04 11:49:45 CEST 2013 :     0 NicCards    : eth1

Wed Sep 04 11:49:45 CEST 2013 :     1 Id          : cf0e4263-b1a3-11e2-87c5-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     1 IPAddress   : null

Wed Sep 04 11:49:45 CEST 2013 :     1 SubNetMask  : null

Wed Sep 04 11:49:45 CEST 2013 :     1 NicCards    : eth2

Wed Sep 04 11:49:45 CEST 2013 :     2 Id          : cf0e4264-b1a3-11e2-87c5-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     2 IPAddress   : null

Wed Sep 04 11:49:45 CEST 2013 :     2 SubNetMask  : null

Wed Sep 04 11:49:45 CEST 2013 :     2 NicCards    : eth3

Wed Sep 04 11:49:45 CEST 2013 :     3 Id          : cf0e4261-b1a3-11e2-87c5-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     3 IPAddress   : 10.71.142.9

Wed Sep 04 11:49:45 CEST 2013 :     3 SubNetMask  : 255.255.255.0

Wed Sep 04 11:49:45 CEST 2013 :     3 NicCards    : eth0

Wed Sep 04 11:49:45 CEST 2013 : Checking HA status...

Wed Sep 04 11:49:45 CEST 2013 : Node gvecsl0001ise.emea.givaudan.com is an MNT node

Wed Sep 04 11:49:45 CEST 2013 : Node gvecsl0001ise.emea.givaudan.com has HA status STANDBY

Wed Sep 04 11:49:45 CEST 2013 : Enabling propagation...

Wed Sep 04 11:49:45 CEST 2013 : Checking node configuration...

Wed Sep 04 11:49:45 CEST 2013 : Enable MNT

Wed Sep 04 11:49:45 CEST 2013 : Enable PAP

Wed Sep 04 11:49:45 CEST 2013 : Disable PDP PROFILER SESSION

Wed Sep 04 11:49:45 CEST 2013 : Current/new node role status is PRIMARY PRIMARY

Wed Sep 04 11:49:45 CEST 2013 : HostConfig for standby MNT node exists: gvecsl0001ise.emea.givaudan.com

Wed Sep 04 11:49:45 CEST 2013 : HostConfig : gvecsl0002ise

Wed Sep 04 11:49:45 CEST 2013 :   DisplayName     : gvecsl0002ise

Wed Sep 04 11:49:45 CEST 2013 :   HostId          : 11ffc710-ee17-11e2-a024-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :   HostName        : gvecsl0002ise

Wed Sep 04 11:49:45 CEST 2013 :   HostAlias       : gvecsl0002ise.emea.givaudan.com

Wed Sep 04 11:49:45 CEST 2013 :   CreateTime      : null

Wed Sep 04 11:49:45 CEST 2013 :   UpdateTime      : null

Wed Sep 04 11:49:45 CEST 2013 :   NodeServiceType : unknown

Wed Sep 04 11:49:45 CEST 2013 :   MasterStatus    : ACTIVE

Wed Sep 04 11:49:45 CEST 2013 :   NodeTypes       : PAP MNT

Wed Sep 04 11:49:45 CEST 2013 :   NodeRoleStatus  : SECONDARY

Wed Sep 04 11:49:45 CEST 2013 :   NICInterfaces   :

Wed Sep 04 11:49:45 CEST 2013 :     0 Id          : 11ffc712-ee17-11e2-a024-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     0 IPAddress   : null

Wed Sep 04 11:49:45 CEST 2013 :     0 SubNetMask  : null

Wed Sep 04 11:49:45 CEST 2013 :     0 NicCards    : eth1

Wed Sep 04 11:49:45 CEST 2013 :     1 Id          : 11ffc713-ee17-11e2-a024-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     1 IPAddress   : null

Wed Sep 04 11:49:45 CEST 2013 :     1 SubNetMask  : null

Wed Sep 04 11:49:45 CEST 2013 :     1 NicCards    : eth2

Wed Sep 04 11:49:45 CEST 2013 :     2 Id          : 11ffc711-ee17-11e2-a024-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     2 IPAddress   : 10.71.142.10

Wed Sep 04 11:49:45 CEST 2013 :     2 SubNetMask  : 255.255.255.0

Wed Sep 04 11:49:45 CEST 2013 :     2 NicCards    : eth0

Wed Sep 04 11:49:45 CEST 2013 :     3 Id          : 11ffc714-ee17-11e2-a024-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     3 IPAddress   : null

Wed Sep 04 11:49:45 CEST 2013 :     3 SubNetMask  : null

Wed Sep 04 11:49:45 CEST 2013 :     3 NicCards    : eth3

Wed Sep 04 11:49:45 CEST 2013 : Checking HA status...

Wed Sep 04 11:49:45 CEST 2013 : Node gvecsl0002ise.emea.givaudan.com is an MNT node

Wed Sep 04 11:49:45 CEST 2013 : Node gvecsl0002ise.emea.givaudan.com has HA status ACTIVE

Wed Sep 04 11:49:45 CEST 2013 : Ignoring node configuration for host gvecsl0002ise.emea.givaudan.com

Wed Sep 04 11:49:45 CEST 2013 : HostConfig for active MNT node exists: gvecsl0002ise.emea.givaudan.com

Wed Sep 04 11:49:45 CEST 2013 : HostConfig : gvecsl0003ise

Wed Sep 04 11:49:45 CEST 2013 :   DisplayName     : gvecsl0003ise

Wed Sep 04 11:49:45 CEST 2013 :   HostId          : c532d1c0-0671-11e3-b3d7-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :   HostName        : gvecsl0003ise

Wed Sep 04 11:49:45 CEST 2013 :   HostAlias       : gvecsl0003ise.emea.givaudan.com

Wed Sep 04 11:49:45 CEST 2013 :   CreateTime      : null

Wed Sep 04 11:49:45 CEST 2013 :   UpdateTime      : null

Wed Sep 04 11:49:45 CEST 2013 :   NodeServiceType : SESSION

Wed Sep 04 11:49:45 CEST 2013 :   MasterStatus    : NONE

Wed Sep 04 11:49:45 CEST 2013 :   NodeTypes       : PDP

Wed Sep 04 11:49:45 CEST 2013 :   NodeRoleStatus  : SECONDARY

Wed Sep 04 11:49:45 CEST 2013 :   NICInterfaces   :

Wed Sep 04 11:49:45 CEST 2013 :     0 Id          : c532d1c4-0671-11e3-b3d7-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     0 IPAddress   : null

Wed Sep 04 11:49:45 CEST 2013 :     0 SubNetMask  : null

Wed Sep 04 11:49:45 CEST 2013 :     0 NicCards    : eth3

Wed Sep 04 11:49:45 CEST 2013 :     1 Id          : c532d1c3-0671-11e3-b3d7-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     1 IPAddress   : null

Wed Sep 04 11:49:45 CEST 2013 :     1 SubNetMask  : null

Wed Sep 04 11:49:45 CEST 2013 :     1 NicCards    : eth2

Wed Sep 04 11:49:45 CEST 2013 :     2 Id          : c532d1c1-0671-11e3-b3d7-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     2 IPAddress   : 10.71.142.2

Wed Sep 04 11:49:45 CEST 2013 :     2 SubNetMask  : 255.255.255.0

Wed Sep 04 11:49:45 CEST 2013 :     2 NicCards    : eth0

Wed Sep 04 11:49:45 CEST 2013 :     3 Id          : c532d1c2-0671-11e3-b3d7-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     3 IPAddress   : null

Wed Sep 04 11:49:45 CEST 2013 :     3 SubNetMask  : null

Wed Sep 04 11:49:45 CEST 2013 :     3 NicCards    : eth1

Wed Sep 04 11:49:45 CEST 2013 : Checking HA status...

Wed Sep 04 11:49:45 CEST 2013 : Node gvecsl0003ise.emea.givaudan.com is not an MNT node

Wed Sep 04 11:49:45 CEST 2013 : Ignoring node configuration for host gvecsl0003ise.emea.givaudan.com

Wed Sep 04 11:49:45 CEST 2013 : HostConfig : gvecsl0004ise

Wed Sep 04 11:49:45 CEST 2013 :   DisplayName     : gvecsl0004ise

Wed Sep 04 11:49:45 CEST 2013 :   HostId          : 86fe3b20-f53b-11e2-a024-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :   HostName        : gvecsl0004ise

Wed Sep 04 11:49:45 CEST 2013 :   HostAlias       : gvecsl0004ise.emea.givaudan.com

Wed Sep 04 11:49:45 CEST 2013 :   CreateTime      : null

Wed Sep 04 11:49:45 CEST 2013 :   UpdateTime      : null

Wed Sep 04 11:49:45 CEST 2013 :   NodeServiceType : SESSION

Wed Sep 04 11:49:45 CEST 2013 :   MasterStatus    : NONE

Wed Sep 04 11:49:45 CEST 2013 :   NodeTypes       : PDP

Wed Sep 04 11:49:45 CEST 2013 :   NodeRoleStatus  : SECONDARY

Wed Sep 04 11:49:45 CEST 2013 :   NICInterfaces   :

Wed Sep 04 11:49:45 CEST 2013 :     0 Id          : 86fe3b21-f53b-11e2-a024-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     0 IPAddress   : 10.71.142.3

Wed Sep 04 11:49:45 CEST 2013 :     0 SubNetMask  : 255.255.255.0

Wed Sep 04 11:49:45 CEST 2013 :     0 NicCards    : eth0

Wed Sep 04 11:49:45 CEST 2013 :     1 Id          : 86fe3b24-f53b-11e2-a024-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     1 IPAddress   : null

Wed Sep 04 11:49:45 CEST 2013 :     1 SubNetMask  : null

Wed Sep 04 11:49:45 CEST 2013 :     1 NicCards    : eth3

Wed Sep 04 11:49:45 CEST 2013 :     2 Id          : 86fe3b23-f53b-11e2-a024-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     2 IPAddress   : null

Wed Sep 04 11:49:45 CEST 2013 :     2 SubNetMask  : null

Wed Sep 04 11:49:45 CEST 2013 :     2 NicCards    : eth2

Wed Sep 04 11:49:45 CEST 2013 :     3 Id          : 86fe3b22-f53b-11e2-a024-6cae8b66e764

Wed Sep 04 11:49:45 CEST 2013 :     3 IPAddress   : null

Wed Sep 04 11:49:45 CEST 2013 :     3 SubNetMask  : null

Wed Sep 04 11:49:45 CEST 2013 :     3 NicCards    : eth1

Wed Sep 04 11:49:45 CEST 2013 : Checking HA status...

Wed Sep 04 11:49:45 CEST 2013 : Node gvecsl0004ise.emea.givaudan.com is not an MNT node

Wed Sep 04 11:49:45 CEST 2013 : Ignoring node configuration for host gvecsl0004ise.emea.givaudan.com

Wed Sep 04 11:49:45 CEST 2013 : Node configuration has not changed - nothing updated

Wed Sep 04 11:49:45 CEST 2013 : Poller sleeping...

David,

Looks like you have child domains within your AD domain infrastructure. By any chance can you connect the entire AD infrastructure to the parent domain? I also assume these ISE servers are all talking to child domains within the same forest? Also do the ISE servers that are not connect have connectivity to the global catalog servers on port 3268?

Tarik Admani
*Please rate helpful posts*

Hi,

Yes we are using child domains. But all our nodes have child domains, not only the 4 nodes with this warning messages. No, it is not possible to remove the child domain.

There are no FW at all between all our nodes so there is nothing that can prevent usage of port 3268.

I tried to deregister one of the node, to leave it from AD. Then I reset it to its default configuration, then I joined it to AD and registered it again, no more success...

I will open a Cisco TAC for that.

Best regards,

David

rschwart
Level 1
Level 1

Did you get a solution to this problem. I just installed 1.2 on a NAC3315 and am having the same issue.

Thanks

Roger

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: