Cisco Bug: CSCvi55727 - Allow configuration of ISE Session Database advanced parameters
Apr 12, 2018
- Cisco Identity Services Engine (ISE) 3300 Series Appliances
Known Affected Releases
2.1(0.474) 2.2(0.907) 2.3(0.902)
Symptom: License consumption number are wrong and overutilized. Conditions: Problem Description: 1) currently license consumption calculated based on Session database stored on MnT node. 2) Sessions are tracked by PSN and accounting start/stop messages. 3) If at any time a switch over happens between Radius servers due to a number of reasons or Accounting Stop is not sent, or recieved (read UDP) For example: - small network lag where Radius UDP packets were lost. - small timers and ISE did not respond on time. - PSN crashed due to large number of bugs. - client PC disconnects from behind a phone and phone does not advertise the remote port down. 4) The session will not be terminated and will be on the Session database for 5 days untill it can be cleared automatically. Solution: Allow configuration of the Session database timers from the ISE. If we allow these timers to be configurable, client can lower to say 10 hours. Which will provide enough time overnight to clear the stuck session in case of normal business operation.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases