Symptom
TrustSec CoA(PUSH/Deploy) update from ISE to network device fails, which causes network device not downloading the latest TrustSec Policy/Security Group.
Conditions
Modify TrustSec Policy/SGACL/Security Group and hit Push/Deploy from ISE.
Workaround
Use cts refresh cmds on the switch to get the updated Security Groups and Policy on the network device.
Do "cts refresh environment-data" on the network device to get the latest Security Groups from ISE
Switch#cts refresh environment-data
Environment data download in progress
Do "cts refresh policy" on the network device to get the latest TrustSec Policy downloaded from ISE
Switch#cts refresh policy
Policy refresh in progress
This needs to be done for all the affected TrustSec enabled devices which is part of the ISE deployment.
Further Problem Description
