one of our network admins is setting up a Cisco ISE Cluster for Wifi with a Sponsor Portal.
According to him, Sponsor Portal authentications can only be registered on the primary ISE node, because replications happen only from primary to secondary, not vice versa.
He asked now if it is possible to set up a VS on the F5 that is listening to the SP URL and forwarding requests only to the primary node.
Normally an easy task - unfortunately neither he nor I can't find a health check URL for the F5 to determine which ISE node is currently primary and which secondary.
Has anyone had a similar scenario and can tell me how to check for the ISE node priority?
ISE version is 3.0
Thanks in advance!
The only thing I think of is to use custom bash script monitor that uses snmpwalk or snmpget to check which is the active node: