Guest

Preview Tool

Cisco Bug: CSCus84762 - When Primary admin down, PSNs take a minute to authenticate guest users

Last Modified

Mar 16, 2017

Products (1)

  • Cisco Identity Services Engine (ISE) 3300 Series Appliances

Known Affected Releases

1.2(0.899) 1.3(0.901)

Description (partial)

Symptom:
when the primary administration node is down, authentication of guest users on PSN nodes is working but delayed between 15 seconds and 1 minute.

PAN is UP:
Line 1133: 2015-02-08 15:26:26,189 DEBUG  [http-bio-10.56.24.232-8443-exec-4][] cpm.guestaccess.auth.authentication.NAAccessUtil -:f07ed238-8c50-45cc-96cd-74a5fec6276a:igal:- NA-NA : The idenitity sequence store is  Guest_Portal_Sequence
Line 1134: 2015-02-08 15:26:27,045 DEBUG  [http-bio-10.56.24.232-8443-exec-4][] cpm.guestaccess.auth.authentication.NAAccessUtil -:f07ed238-8c50-45cc-96cd-74a5fec6276a:igal:- NA-NA-RET : result: PASSED, processFailedReason: NO_PROCESS_FAILURE, processFailedReasonEnumd=NO_PROCESS_FAILURE, isDiabledUser=false            Line 1135: 2015-02-08 15:26:27,045 DEBUG  [http-bio-10.56.24.232-8443-exec-4][] cpm.guestaccess.auth.authentication.NAAccessUtil -:f07ed238-8c50-45cc-96cd-74a5fec6276a:igal:- NA-NA-RET-ID-GROUPS : identityGroups: Employee
 
PAN is down (delay > 1min !!!):
Line 1455: 2015-02-08 15:27:51,623 DEBUG  [http-bio-10.56.24.232-8443-exec-4][] cpm.guestaccess.auth.authentication.NAAccessUtil -:5db1f546-3504-4803-9493-5a092035f66d:igal:- NA-NA : The idenitity sequence store is  Guest_Portal_Sequence
Line 1461: 2015-02-08 15:29:06,762 DEBUG  [http-bio-10.56.24.232-8443-exec-4][] cpm.guestaccess.auth.authentication.NAAccessUtil -:5db1f546-3504-4803-9493-5a092035f66d:igal:- NA-NA-RET : result: PASSED, processFailedReason: NO_PROCESS_FAILURE, processFailedReasonEnumd=NO_PROCESS_FAILURE, isDiabledUser=false
Line 1462: 2015-02-08 15:29:06,762 DEBUG  [http-bio-10.56.24.232-8443-exec-4][] cpm.guestaccess.auth.authentication.NAAccessUtil -:5db1f546-3504-4803-9493-5a092035f66d:igal:- NA-NA-RET-ID-GROUPS : identityGroups: Employee

Conditions:
seen in ISE 1.2 and ISE 1.3
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.