안녕하세요.
오늘은 [2024][CISCO ISE#2] ISE서버 Patch Update 하기입니다.
1. 저번에 VMware ESXi에 cisco ISE 3.2.0 버전을 설치하였습니다.
하지만 현재 Patch version이 무엇인지 모릅니다.
2. SSH 접속합니다.
show version
| ISE-3-2/admin#show version Cisco Application Deployment Engine OS Release: 3.2 ADE-OS Build Version: 3.2.0.401 ADE-OS System Architecture: x86_64 Copyright (c) 2005-2022 by Cisco Systems, Inc. All rights reserved. Hostname: ISE-3-2 Version information of installed applications --------------------------------------------- Cisco Identity Services Engine --------------------------------------------- Version : 3.2.0.542 Build Date : Wed Oct 19 16:27:24 2022 Install Date : Sat Jun 8 10:58:59 2024 |
Patch 관련 정보가 없습니다.
그럼 현재 version: 3.2.0.542이고 patch는 없습니다.
2. Cisco 홈페이지에 접속해서 patch 버전을 확인합니다.
https://software.cisco.com/download/home/283801620/type/283802505/release/3.2.0
홈페이지 확인 결과 patch는 1부터 6까지 있습니다.
최신 버전은 patch6입니다. 다운로드합니다.
3. cisco ISE 접속합니다. 그리고 patch6 파일을 cisco ise에 업로드하기 위해서 아래와 같이 접속합니다
Maintenance -> Repository
Repositoruy List에서 add 버튼을 클릭합니다.
4. 아래와 같이 입력합니다
Repository Name: disk
Protocol Disk:
Path: /
그리고 Save버튼을 클릭합니다.
5. Maintenance -> Localdisk Management
Node Name: ISE-3-2를 클릭합니다.
upload버튼을 클릭합니다.
6. 파일을 업로드합니다.
업로드가 완료될 때까지 기다립니다.
Close 버튼을 클릭합니다.
7. SSH 접속해서 repository에 파일을 확인합니다
| ISE-3-2/admin#show repository disk ise-patchbundle-3.2.0.542-Patch6-24041918.SPA.x86_64.tar.gz upgraderpms.log |
8. patch6을 설치합니다.
| ISE-3-2/admin#patch install ise-patchbundle-3.2.0.542-Patch6-24041918.SPA.x86_64.tar.gz disk % Warning: Patch will be installed only on this node. Install using Primary Administration node GUI to install on all nodes in deployment. Continue? (yes/no) [yes] ? yes Initiating Application Patch installation... Getting bundle to local machine... Unbundling Application Package... Verifying Application Signature... Patch successfully installed Broadcast message from root@ISE-3-2 (pts/1) (Sat Jun 8 12:26:44 2024): Trying to stop processes gracefully. Reload might take approximately 3 mins % This application Install or Upgrade requires reboot, rebooting now... Broadcast message from root@ISE-3-2 (pts/1) (Sat Jun 8 12:27:29 2024): The system is going down for reboot NOW Patch successfully installed |
patch6가 설치 완료 될 때까지 기다립니다.
약 20~30분 정도가 소요됩니다.
설치가 완료되면 자동으로 재부팅됩니다.
9. ssh 다시 접속해서 show version 입력해서 patch6을 확인합니다.
| ISE-3-2/admin#show version Cisco Application Deployment Engine OS Release: 3.2 ADE-OS Build Version: 3.2.0.401 ADE-OS System Architecture: x86_64 Copyright (c) 2005-2022 by Cisco Systems, Inc. All rights reserved. Hostname: ISE-3-2 Version information of installed applications --------------------------------------------- Cisco Identity Services Engine --------------------------------------------- Version : 3.2.0.542 Build Date : Wed Oct 19 16:27:24 2022 Install Date : Sat Jun 8 10:58:59 2024 Cisco Identity Services Engine Patch --------------------------------------------- Version : 6 Install Date : Sat Jun 08 12:24:44 2024 ISE-3-2/admin# |
위에 Cisco Identity Service Engine Patch 보시면 아래처럼
version: 6 표시되고
Install Date: 언제 설치되었는지 날짜가 표시됩니다.
10. show application status ise
application server 상태가 running인지 확인합니다.
| ISE-3-2/admin#show application status ise ISE PROCESS NAME STATE PROCESS ID -------------------------------------------------------------------- Database Listener running 4015 Database Server running 157 PROCESSES Application Server running 23465 Profiler Database running 12538 ISE Indexing Engine running 24587 AD Connector running 25900 M&T Session Database running 18927 M&T Log Processor running 23717 Certificate Authority Service running 25725 EST Service running 60586 SXP Engine Service disabled TC-NAC Service disabled PassiveID WMI Service disabled PassiveID Syslog Service disabled PassiveID API Service disabled PassiveID Agent Service disabled PassiveID Endpoint Service disabled PassiveID SPAN Service disabled DHCP Server (dhcpd) disabled DNS Server (named) disabled ISE Messaging Service running 8622 ISE API Gateway Database Service running 11476 ISE API Gateway Service running 17605 ISE pxGrid Direct Service running 49034 Segmentation Policy Service disabled REST Auth Service disabled SSE Connector disabled Hermes (pxGrid Cloud Agent) disabled McTrust (Meraki Sync Service) disabled ISE Node Exporter running 26542 ISE Prometheus Service running 27678 ISE Grafana Service running 29824 ISE MNT LogAnalytics Elasticsearch disabled ISE Logstash Service disabled ISE Kibana Service disabled % WARNING: ISE DISK SIZE NOT LARGE ENOUGH FOR PRODUCTION USE % RECOMMENDED DISK SIZE: 200 GB, CURRENT DISK SIZE: 100 GB |
11. cisco ISE를 접속합니다.
지금까지 [2024][CISCO ISE#2] ISE서버 Patch Update 하기 글을 읽어 주셔서 감사합니다.
'CISCO > CISCO ISE' 카테고리의 다른 글
| [2024][CISCO ISE#1] ISE서버 VMware ESXi에 설치 하기. (0) | 2024.07.07 |
|---|