ISE 1.2 SNS-3415 NIC Bonding / Teaming
Hello,
I have installed the SNS-3415 with ISE 1.2 and i'm trying to setup redundnacy (Team) nic modes for the authentication requests and not for management purpose.
The tests showed that when the one interface was unpluged everything was lost and nobody from our internal users was able to authenticated by the ISE node.
In contrast when i was unpluged the " second interface " (probably the inactive ) nothing was happened which shows that is a useless interface
My purpose is to connect it to my twins core switches and have a full high availability deployment.
- I have search enough on the WEB but i didn't found any clear and precisely document of saying how this could be achieved.
http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_system/5-4/installation/guide/csacs_book/csacs_hw_ins_ucs.html#wp1185589
Themis
ISE 1.2 does not support NIC teaming. Especially on appliances. There is a workaround for VM using the ESXi host to team the NICs so that it is transparent to the VM.
Please Rate Helpful posts and mark this question as answered if, in fact, this does answer your question. Otherwise, feel free to post follow-up questions.
Charles Moreton
Similar Messages
-
CSACS-3415 ACS 5.4 NIC Bonding / Teaming possible ?
Hi Team,
I know, this topic has been answered for the "old" 11x Appliances: not possible.
Does the new UCS hardware change anything ?
Can we bundle 2 NICs somehow to get interface redundancy ?
If still not possible to configure that in ACS 5 itself:
Can it enentually be done on the "hardware" level
within the appliance firmware (UCS BIOS) ?
Frank
(RHEL would provide NIC bonding,,, unfortunately its not accessable from ACS5 CLI)Yes it does. ACS 5.5 with the Cisco SNS-3415, Cisco SNS-3495, virtual machine, or CSACS-1121 platform allows you to use up to four network interfaces: Ethernet 0, Ethernet 1, Ethernet 2, and Ethernet 3.
NIC Bonding
http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_system/5-5/installation/guide/csacs_book/csacs_hw_ins.html#pgfId-1191791
Creating interface bonding
http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_system/5-5/installation/guide/csacs_book/csacs_hw_ins.html#pgfId-1197533
Regards,
Jatin Katyal
*Do rate helpful posts* -
Meaning of this error (ISE 1.2 on SNS-3415): HARDWARE RNG INTEGRITY CHECK HAS FAILED!
Hi. We recently purchased an ISE 1.2 appliance (SNS-3415 hardware). It installed fine, but I am unable to access the GUI. When I login to the box and run the following command on the CLI
ISE-12-NS-SD-2/admin# show application status ise
I see the following output:
ISE Database listener is running, PID: 7737
ISE Database is running, number of processes: 38
ISE Application Server process is not running.
ISE Profiler DB is running, PID: 9090
ISE M&T Session Database is running, PID: 8959
ISE M&T Log Collector is running, PID: 9294
ISE M&T Log Processor is running, PID: 9376
% ERROR: ISE SERVICES HAVE BEEN DISABLED BECAUSE
% HARDWARE RNG INTEGRITY CHECK HAS FAILED!
Can anyone help me? What can I do to ensure that the hardware RNG integrity check succeeds. Is it a license issue? Is it faulty hardware? Please advise. I would be very greatful.
Thanks in advance.I worked with a TAC engineer on this and he said one other customer had this issue and the only recourse was reimaging the appliance with the ISE 1.2 ISO image.
I did reboot, restarted services, reset to factory default and none of that worked. It is possible that the issue happened because during setup of the appliance I didn't have network connectivity and went ahead with the setup and configuration of the ISE application anyway. I later had network connectivity but by that time ISE manifested this fault.
Reimaging and ensuring network connectivity during setup the next time around fixed the problem. -
Hi All,
We are planning to take ISE SNS-3415-K9 appliance for 2500 wireless end points.
Can you please guide me how to take license? Base lances are really required for wireless end points??
Your early response will be highly appreciated.
Regards,
Satish.If you are purchasing Wireless license then Base license is not required, it would support the below services
Device onboarding/provisioning
AAA
Guest provisioning
Link encryption policies
Device profiling and feed service
Host posture
Cisco Security Group Access
Integrated vendor MDM support
Refer : http://www.cisco.com/c/en/us/products/collateral/security/identity-services-engine/guide_c07-656177.html -
Hi Team
we brought new Cisco sns-3415 ACS configuration somebody please help to configure this on first time. I am simply first time on this device so I look forward first level configuration guide. find below the configuration details.
SNS-3415-K9
Small Secure Network Server for ISE NAC & ACS Applications
CON-SNT-SNS3415
SMARTNET 8X5XNBD Small Secure Network
CSACS-3415-K9
ACS application & BASE license for SNS-3415-K9 appliance
CSACS-5-BASE-LIC
Cisco Secure ACS 5 Base License
CSACS-ACCYKIT
Accessory Kit for Access Control System SW on 3415-appliance
SFS-250V-10A-ID
SFS Power Cord - 250V 10A India
SNS-4GBSR-1X041RY
4GB 1600 Mhz Memory Module
SNS-600GB-HDD
600 GB Hard Disk Drive
SNS-650W-PSU
650W power supply for C-series rack servers + cord (configur
SNS-CPU-2609-E5
2.4 GHz E5-2609/80W 4C/10MB Cache/DDR3 1600MHz
SNS-N2XX-ABPCI01
Broadcom 5709 Dual Port 10/100/1Gb NIC w/TOE iSCSI
SNS-RAID-ROM5
Embedded SW RAID 0/1/10 8 ports SAS/SATA
SNS-UCS-TPM
Trusted Platform Module for UCS servers
Thanks
Sreejesh Scheck Cisco how to guides for step by step configuration just follow the instruction and you can easily configure the setup also when you first open the ISE there is an option for express setup (Auto config) but i would suggest for the guide (link given below)
https://www.cisco.com/en/go/trustsec.
**********Do rate Helpful posts************************ -
Hi guys,
I saw the HW specs of the 3415.
http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5712/ps11640/data_sheet_c78-726524.pdf
There is a spare part for the disk and for the power supply. Does anyone has the experience if the ISE software will check for the HW. The SNS server has a hardware raid controller. I want to know if I can use the raid controller just for mirroring for HW redundancy.
The SNS 3415 has two power slots. So i suspose this can be easily done without breaking the 'service' requiremtents for TAC.
regards,
SanderHi Ravi,
For the OS disk, I'm pretty sure we will run into problems. Like you said the UNIX distri will check for the HW bases on the system ID (3415 will have only 1 disk like the specs of Cisco). So sure I don't want to run into problems with my service agreement.
But for the PSU it would be a nice to know if I can install this without any issues. Maybe you got the HW in the LABs?
regards,
Sander -
NIC Bonding not behaving as it should
Hi Folks, am trying to setup NIC bonding on my VM (OEL5u6) having two virtualised NICs, i have done the setup which is quite simple however my active-backup mode is not working as expected.
My Bonded interface
[root@Gateway network-scripts]# cat ifcfg-bond0
DEVICE=bond0
IPADDR=192.169.25.2
NETMASK=255.255.255.248
ONBOOT=yes
BOOTPROTO=none
USERCTL=no
BONDING_OPTS='mode=active-backup miimon=1000'
TYPE=Ethernet
individual interfaces
[root@Gateway network-scripts]# cat ifcfg-eth2
DEVICE=eth2
HWADDR=08:00:27:1e:57:cf
MASTER=bond0
SLAVE=yes
ONBOOT=yes
BOOTPROTO=none
USERCTL=no
[root@Gateway network-scripts]# cat ifcfg-eth4
DEVICE=eth4
HWADDR=08:00:27:46:69:69
MASTER=bond0
SLAVE=yes
ONBOOT=yes
BOOTPROTO=none
USERCTL=no
Bonding status (looks good)
[root@Gateway network-scripts]# cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v3.5.0 (November 4, 2008)
Bonding Mode: fault-tolerance (active-backup)
Primary Slave: None
Currently Active Slave: eth2
MII Status: up
MII Polling Interval (ms): 1000
Up Delay (ms): 0
Down Delay (ms): 0
Slave Interface: eth2
MII Status: up
Link Failure Count: 0
Permanent HW addr: 08:00:27:1e:57:cf
Slave Interface: eth4
MII Status: up
Link Failure Count: 0
Permanent HW addr: 08:00:27:46:69:69
I am doing a continous ping from another host in the same n/w to this bonded interface IP to check if the ping streak breaks when i test this setup
Testing -
[root@Gateway network-scripts]# ifenslave -c bond0 eth4
and that's it my SSH connection is gone, and ping is broken with "Request timed out"
when i check the bond status now -
Bonding Mode: fault-tolerance (active-backup)
Primary Slave: None
Currently Active Slave: eth4
MII Status: up
MII Polling Interval (ms): 1000
Up Delay (ms): 0
Down Delay (ms): 0
Slave Interface: eth2
MII Status: up
Link Failure Count: 0
Permanent HW addr: 08:00:27:1e:57:cf
Slave Interface: eth4
MII Status: up
Link Failure Count: 0
Permanent HW addr: 08:00:27:46:69:69
am afraid there's not much help in the message log to debug this.
Any views what's wrong and how to resolve? appreciate ur replies. Thanks
Regards AmitHi,
I'm having the same problem, when i disconnect the cable from the eth0 (active slave) stop receiving respond
I have tried bridged conf and interal net.
I'm using VirtualBox 4.1.16
This is my conf:
[root@integrador ~]# cat /etc/sysconfig/network-scripts/ifcfg-bond0
DEVICE=bond0
IPADDR=10.10.0.2
NETWORK=10.10.0.0
NETMASK=255.255.255.0
BONDING_OPTS="mode=1 miimon=100"
BOOTPROTO=none
ONBOOT=yes
[root@integrador ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=none
MASTER=bond0
SLAVE=yes
USERCTL=no
[root@integrador ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
ONBOOT=yes
BOOTPROTO=none
MASTER=bond0
SLAVE=yes
USERCTL=no
[root@integrador ~]# cat /etc/modprobe.d/bonding.conf
alias bond0 bonding
[root@integrador ~]# ifconfig -a
bond0 Link encap:Ethernet HWaddr 08:00:27:5C:C5:BA
inet addr:10.10.0.2 Bcast:10.10.0.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe5c:c5ba/64 Scope:Link
UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
RX packets:402 errors:0 dropped:0 overruns:0 frame:0
TX packets:92 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:39487 (38.5 KiB) TX bytes:11045 (10.7 KiB)
eth0 Link encap:Ethernet HWaddr 08:00:27:5C:C5:BA
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:211 errors:0 dropped:0 overruns:0 frame:0
TX packets:89 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:23061 (22.5 KiB) TX bytes:10863 (10.6 KiB)
eth1 Link encap:Ethernet HWaddr 08:00:27:5C:C5:BA
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:191 errors:0 dropped:0 overruns:0 frame:0
TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:16426 (16.0 KiB) TX bytes:182 (182.0 b)
eth2 Link encap:Ethernet HWaddr 08:00:27:DF:11:A2
inet addr:192.168.57.1 Bcast:192.168.57.3 Mask:255.255.255.252
inet6 addr: fe80::a00:27ff:fedf:11a2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:1142 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:119508 (116.7 KiB)
eth3 Link encap:Ethernet HWaddr 08:00:27:D1:41:9A
inet addr:192.168.1.50 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fed1:419a/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:825 errors:0 dropped:0 overruns:0 frame:0
TX packets:625 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:563221 (550.0 KiB) TX bytes:85914 (83.9 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:25 errors:0 dropped:0 overruns:0 frame:0
TX packets:25 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2690 (2.6 KiB) TX bytes:2690 (2.6 KiB)
[root@integrador ~]# cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v3.6.0 (September 26, 2009)
Bonding Mode: fault-tolerance (active-backup)
Primary Slave: None
Currently Active Slave: eth0
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0
Slave Interface: eth0
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 08:00:27:5c:c5:ba
Slave queue ID: 0
Slave Interface: eth1
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 08:00:27:fc:6b:f6
Slave queue ID: 0
[root@integrador ~]# lsmod | grep -i bond
bonding 109558 0
ipv6 264641 39 cnic,bonding,ip6t_REJECT,nf_conntrack_ipv6,nf_defrag_ipv6
[root@integrador ~]# uname -a
Linux integrador 2.6.32-220.el6.i686 #1 SMP Tue Dec 6 16:15:40 GMT 2011 i686 i686 i386 GNU/Linux
Sorry for my english! -
Hi
I am setting up a OVM environment where I want to implement NIC bonding. I want to bond eth1 and eth3, the IP address are showing against xenbr1 and xenbr3. Please let me know the steps of doing this.
Thanksitsakc wrote:
I am setting up a OVM environment where I want to implement NIC bonding. I want to bond eth1 and eth3, the IP address are showing against xenbr1 and xenbr3. Please let me know the steps of doing this.The Underground Oracle VM Manual has an entire chapter on this: http://itnewscast.com/chapter-7-oracle-vm-networking-8021q -
Switching from single NIC to NIC bonding in "active" RAC
Hi
I have a 4 node RAC cluster on RHEL 4, running 10.2.0.3.0 in "semi-production".
"Everything" is multiplexed, except the NICs. The servers have 2 NIC ports one for public and one for interconnect.
If we add another NIC with 2 ports, is it possible to change the NIC configuration from single port to NIC bonding, without reinstalling CRS?
I can get a maintenance window, so this doesn't have to be done on the fly, I just need to know if its do-able.
I have checked some notes on MetaLink and for me it looks like this should be possible.
E.g. Note:436555.1 and Note:283684.1
Regards
NiklasNicke, Its very well doable and supported approach. You can use oifcfg to reconfigure the interfaces and there is no need to reinstall the CRS.
-Harish Kalra -
Hi everybody,
I want to set NIC bonding on my VM 2.2 server. How does NIC bonding work? Also would I have to do any setup on my switch? Thank you to anyone who can help me understand.Sean314 wrote:
I want to set NIC bonding on my VM 2.2 server. How does NIC bonding work? Also would I have to do any setup on my switch? Thank you to anyone who can help me understand.There is a great document on the Oracle Wiki for this: [ Oracle VM Server Configuration- bonded and trunked network interfaces|http://wiki.oracle.com/page/Oracle+VM+Server+Configuration-+bonded+and+trunked+network+interfaces]. -
GUIDE: Oracle VM VirtualBox and Oracle Linux NIC bonding
Author: Dude
Date: 01-Jun-2013
Version: B
Last updates:
23-Jul-2013, changes required due to forum upgrade
The following is provided in the hope that it might be useful. If you wish to use it for the purpose of reference, presentation or education, please include the link or information to this forum posting. Thank you!
What is Linux network interface bonding? Simply put, the Linux system provides a kernel driver, which can create a logical network device (bond) using 2 or more Network Interface Controllers (NIC) to accomplish link-aggregation and adapter fault-tolerance. For more information, please see the Deployment Guide at https://linux.oracle.com/documentation/
The channel bonding interface supports several modes of operation. In a typical active-backup set up for fault-tolerance, the system performs MII-based health monitoring of the network interface slaves (eth0, eth1) and assigns them according to bond options and interface availability. In active-backup mode (mode 1), only the current active network device is seen externally.
Linux bonding for fault-tolerance under Oracle VM VirtualBox does not seem to function as advertised. Searching the Internet for more information shows that other people have tried to set up Linux bonding using various virtualization products, virtual host network adapter and bonding options, but without success.
It appears the management of Media Access Control addresses (MAC) interferes with internal routing methods between the host and the virtual machine guest. Using the modinfo bonding command (fig. 1) shows a listing of available parameters for the bonding kernel module. The fail_over_mac parameter addresses the Mac address issue in VirtualBox.
Fig.1
# modinfo bonding
filename: /lib/modules/2.6.39-400.17.1.el6uek.x86_64
/kernel/drivers/net/bonding/bonding.ko
parm: fail_over_mac:For active-backup,
do not set all slaves to the same MAC;
0 for none (default), 1 for active, 2 for follow (charp)
Configuration Example
Virtualization Product: Oracle VM VirtualBox 4.2.10
VM Guest OS: Oracle Linux 6.4 (x64)
VM adapter settings: Bridged Adapter, Paravirtualized Network (virtio-net)
Adapter1 (eth0): 080027436617, en0, Ethernet 1
Adapter2 (eth1): 08002708F36A, en0, Ethernet 1
Note: If you wish to reset the network adapter names and MAC addresses used by the Oracle Linux guest system, erase the content of /etc/udev/rules.d/70-persistent-net.rules and restart the virtual machine.
1. Create or modify the following configuration files:
/etc/modprobe.d/bonding-eth0_eth1.conf
alias bond0 bonding
/etc/sysconfig/network-scripts/ifcfg-bond0
DEVICE=bond0
IPADDR=10.0.2.12
NETMASK=255.0.0.0
GATEWAY=10.0.0.138
DNS1=10.0.0.138
DNS2=8.8.8.8
ONBOOT=yes
BOOTPROTO=none
USERCTL=no
BONDING_OPTS="mode=1 miimon=100 fail_over_mac=1"
/etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=none
ONBOOT=yes
MASTER=bond0
SLAVE=yes
USERCTL=no
/etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
BOOTPROTO=none
ONBOOT=yes
MASTER=bond0
SLAVE=yes
USERCTL=no
2. Restart the system or network services (root):
Fig. 2
# service network restart
Configuration Test
Enter the following commands as user root to verify proper operation of NIC bonding:
Fig. 3
# tail /var/log/messages
bond0: setting mode to active-backup (1).
bond0: Setting MII monitoring interval to 100.
bond0: Setting fail_over_mac to active (1).
bond0: Adding slave eth0.
bond0: making interface eth0 the new active one.
bond0: first active interface up!
bond0: enslaving eth0 as an active interface with an up link.
bond0: Adding slave eth1.
bond0: enslaving eth1 as a backup interface with an up link.
Fig. 4
# ifconfig
bond0 Link encap:Ethernet HWaddr 08:00:27:43:66:17
inet addr:10.0.2.12 Bcast:10.255.255.255 Mask:255.0.0.0
inet6 addr: fe80::a00:27ff:fe43:6617/64 Scope:Link
UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
eth0 Link encap:Ethernet HWaddr 08:00:27:43:66:17
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
eth1 Link encap:Ethernet HWaddr 08:00:27:08:F3:6A
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
Fig. 5
# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 10.0.0.138 0.0.0.0 UG 0 0 0 bond0
10.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 bond0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 bond0
Fig. 6
# ifconfig eth0 down
# tail /var/log/messages
bond0: link status definitely down for interface eth0, disabling it
bond0: making interface eth1 the new active one.
# ifconfig
bond0 Link encap:Ethernet HWaddr 08:00:27:08:F3:6A
inet addr:10.0.2.12 Bcast:10.255.255.255 Mask:255.0.0.0
inet6 addr: fe80::a00:27ff:fe43:6617/64 Scope:Link
UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
eth1 Link encap:Ethernet HWaddr 08:00:27:08:F3:6A
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
Fig. 7
# ifconfig eth0 up
# ifconfig eth1 down
# tail /var/log/messages
bond0: link status definitely up for interface eth0, 4294967295 Mbps full duplex.
bond0: link status definitely down for interface eth1, disabling it
bond0: making interface eth0 the new active one.
# ifconfig
bond0 Link encap:Ethernet HWaddr 08:00:27:43:66:17
inet addr:10.0.2.12 Bcast:10.255.255.255 Mask:255.0.0.0
inet6 addr: fe80::a00:27ff:fe43:6617/64 Scope:Link
UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
eth0 Link encap:Ethernet HWaddr 08:00:27:43:66:17
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
During the above test, the client network connection from host 10.0.0.1 (ssh) was maintained without any noticeable interruption. As it can be seen from the syslog and ifconfig command output, the bond0 interface was automatically assigned either the MAC address of eth0 or eth1 and the fail-over worked as advertised.
Good luck!Please see these docs/links.
Using Oracle VM with Oracle E-Business Suite Release 11i or Release 12 [ID 465915.1]
Certified Software on Oracle VM [ID 464754.1]
Oracle VM Templates -- Oracle E-Business Suite 12.1.3 (32-bit), Oracle E-Business Suite 12.1.1 (64-bit and 32-bit) and Oracle E-Business Suite Release 12.X Sparse Middle Tier (32-bit)
http://www.oracle.com/technetwork/server-storage/vm/ebs-093153.html
E-Business Suite 12.1.3 Templates for Oracle VM Now Available
http://blogs.oracle.com/stevenChan/2010/11/ebs1213_oraclevm.html
Live Migration of EBS Services Using Oracle VM
http://blogs.oracle.com/stevenChan/2010/01/ebs_live_migration_ovm.html
Using Oracle VM with Oracle E-Business Suite Virtualization Kit
http://blogs.oracle.com/stevenChan/2009/12/oracle_vm_ebs_virtualization_kit.html
New Oracle® VM Templates for Oracle Applications Now Available
http://www.oracle.com/us/corporate/press/068341
Very Cool! New Oracle VM Templates for Oracle E-Business Suite
http://blogs.oracle.com/virtualization/2010/11/very_cool_new_oracle_vm_templa.html
Thanks,
Hussein -
Cisco ISE migration from VM to SNS 3415 Appliance
HI Experts,
My customer is running a ISE VM ( os is 1.1.1 ) with base license used only for guest authentication . As per the requirement we need to migrate the existing setup to the ISE hardware (1.2 ).
Can anyone please help me in the best way to do .
I am planning to install a new ISE setup rather than migration but confused regarding the ISE Licensing .
Thanks in advance
Regards
AgnusAngus,
First and foremost, you must have a current, non-expired license.
The best way to accomplish this is to log in to the Licensing Portal:
https://tools.cisco.com/SWIFT/LicensingUI/Quickstart#
Click on Licenses. Choose the license you would like top transfer to the new 3415 Appliance.
Note that I have selected two licenses, Base and Advanced. You can only select ONE LICENSE at a time. To Re-Host a Base and an Advanced License, you must do this twice.
Then click Actions > Rehost/Transfer...
A new window will appear requesting the information from your new 3415 Appliance (you must have already installed ISE on the appliance):
You can find this information on the new 3415 by going to Administration > Licensing and clicking on the name of your node.
This is all found in the ISE Admin Guide.
http://www.cisco.com/c/en/us/td/docs/security/ise/1-3/admin_guide/b_ise_admin_guide_13/b_ise_admin_guide_sample_chapter_0111.html#concept_E664BCA9F4164C7F8DE590B7C2C4AD99
Please Rate Helpful posts and mark this question as answered if, in fact, this does answer your question. Otherwise, feel free to post follow-up questions.
Charles Moreton -
Clarifications on ISE Hardware (SNS-3415)
Hi Experts,
Good Day!
I just want to have some clarifications if what I did in my installation it correct.
Basically, my I connected 3 cables in my SNS3415 for my ISE and below is the arrangement of the cables
1 cable is connected to the port dedicated for the CIMC
1 cable is connected to the port dedicated for the ISE MGMT
1 cable is connected to the port for the DATA traffic
My question is, is it correct that I allocated 1 dedicated port for my DATA where the RADIUS traffic from user to the server passes through? Could it work if I configure WEB authentication in ISE?
Thank you.
niksYes. In the configuration of the portal for Web Authentication, you can choose the interface that is allowed to respond to the requests. You can also disallow interfaces from responding.
Go to Administration > Device Portal Management > Client Provisioning
Choose your portal or create a new one. Allow or disallow interfaces from this page and Save.
Of course, you can do this for any portal that is used (BYOD, MDM, etc).
Please Rate Helpful posts and mark this question as answered if, in fact, this does answer your question. Otherwise, feel free to post follow-up questions.
Charles Moreton -
Oracle VM 3.1.1 Manager: Configuraing NIC Bonding?
Each of the two OVM 3.1.1 servers in the OVMM 3.1.1 server pool has three Gigabit Ethernet NIC's:
<ol>
<li>One for the Management + VM + Heartbeat Networks (eth0) and
<li>The other two (eth1 + eth2) should be bonded for redundancy and performance and connected to the Live Migration + Storage Networks.
</ol>
However, OVMM 3.1.1 doesn't seem to have the ability to configure the bonding for NIC's. Am I overlooking something?
Eric Pretorious
Truckee, CARefer to the Oracle VM User's Guide for Release 3.1.1:
<li>Chapter 5.4, Network Bonding discusses bonding Management interfaces.
<li>Chapter 5.8, Managing Bonded Interfaces discusses bonding non-Management interfaces.
Eric Pretorious
Truckee, CA
REFERENCE
http://docs.oracle.com/cd/E27300_01/E27309/html/vmusg-network-bonding.html
http://docs.oracle.com/cd/E27300_01/E27309/html/vmusg-network-bondintfce.html -
Network teaming/bonding - Team a wifi connection and an eth one ???
Hello,
Is it possible to team/bond a wifi network connection with a ethernet one to increase the overall connexion speed?
I believe that it can be done with 2 eth one, but not sure about a eth and a wifi one.
Thanks in advance.
LudoNo reason you can't AFAIK depending on the bonding mode you want to use, but it wouldn't be desirable if your goal is speed.
Bonding does NOT aggregate the links per stream. Each stream still only goes over 1 "physical" connection to avoid packets getting out of order etc, so you would find that some connections would be sent over the wifi (and be limited by it's connection speed), while other connections would be on the wire connection.
Bonding allows more streams to happen in parallel, it doesn't magically speed up individual streams.
You would still be able to obtain redundancy using bonding (eg, mode 1)
Maybe you are looking for
-
IPod Not Recognized by PC After Update 2006-03-23
This is so frustrating- I was having sync lapses with iTunes, and the PC would "freeze" with the iPod connected to it, before Updater 2006-03-23 was run. After Updater was run, now the PC does not recognize the iPod at all. In fact, Updater 2006-03-2
-
Hi guys, We have configured two difference pricing procedures for domestic and import procurements. 10 condition types are common for two procedures and 10 more different condition types are available in each procedure. With SAP standard settings fo
-
i have a powermac g3 B+W and a friend is going to lend me his imac dvds to install it. will this work alright or should i just go buy it for myself? powermac is g3 350mhz 768mb ram 40.0gb and 12.7gb hdd Powerbook G3 Wallstreet + Powermac G3 B+W Mac
-
hi mm guru's, can any body help me for the report of invoiced documents. my requirement is the report should contain--- vendor's list,GL accounts carried out at LIV and amount to be paid to vendor. please help me out. regards, rahul
-
How are imported albums organised?
I have imported all my photos from iPhoto into Photos. When viewing my previous albums from iPhoto in Photos the albums are no longer in the original order or anything reasonable. It is possible to organise the albums by title, but this is not very u