Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1176
Views
0
Helpful
3
Replies

DNA integration With ISE

waleedmatter
Level 1
Level 1

‎09-17-2021 03:51 PM

When integration DNA with ISE , It will need certification from third party or i can use the ISE self certification or i can not use the certification for the integration 

 

Second question 

 

Once the DNA integrated with the ISE , The creation of the SGT's as well as the segmentation and micro segmentation will be from the DNA interface and then it will push to the ISE  correct ?

Labels:
0 Helpful
3 Replies 3

jalejand
Cisco Employee
Cisco Employee

‎09-17-2021 04:59 PM - edited ‎09-17-2021 04:59 PM

1. You can integrate DNAC with ISE with self-signed certificates if needed, you can also use 3rd certificates too.

2. You can select the administrative role of DNAC of SGTs and GBAC policies under Network Design / Group Based Access Policies
After integrating ISE, start the migration to allow DNAC to control the policy UI instead of ISE:

jalejand_0-1631923120818.png

 

0 Helpful

waleedmatter
Level 1
Level 1
In response to jalejand

‎09-18-2021 02:12 AM

For Q1

Thanks for your answer so i can skip the certification matching between the DNA & ISE correct ?

 

For Q2:

As your answer , I have options to make the SGT's and the policies and the segmentation and micro segmentation through the ISE as usual as a traditional or through the DNA so which one is better option ?

0 Helpful

rasmus.elmholt
Level 7
Level 7
In response to waleedmatter

‎09-27-2021 04:59 AM

Hi Waleed

 

A1: yes

 

A2: Normally when you create the integration, the DNAC asks to disable SGT configuration on the ISE and make it Read-Only. And if you accept it will do it for you.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card