Forum Discussion

am_gli's avatar
am_gli
Icon for Altostratus rankAltostratus
Jun 01, 2021

Cisco ISE Sponsor Portal Health Check URL

Hi,

 

one of our network admins is setting up a Cisco ISE Cluster for Wifi with a Sponsor Portal.

According to him, Sponsor Portal authentications can only be registered on the primary ISE node, because replications happen only from primary to secondary, not vice versa.

 

He asked now if it is possible to set up a VS on the F5 that is listening to the SP URL and forwarding requests only to the primary node.

Normally an easy task - unfortunately neither he nor I can't find a health check URL for the F5 to determine which ISE node is currently primary and which secondary.

 

Has anyone had a similar scenario and can tell me how to check for the ISE node priority?

ISE version is 3.0

 

Thanks in advance!

1 Reply

  • The only thing I think of is to use custom bash script monitor that uses snmpwalk or snmpget to check which is the active node:

     

     

    https://support.f5.com/csp/article/K4663

     

    https://www.ionos.com/digitalguide/server/know-how/snmp-tutorial/

     

     

     

     

     

    https://support.f5.com/csp/article/K71282813

     

    https://support.f5.com/csp/article/K8154

     

     

    Examples:

     

     

    https://devcentral.f5.com/s/articles/generic-snmp-monitor-using-snmpget

     

     

    https://devcentral.f5.com/s/articles/snmp-check-external-monitor