02-09-2018 01:29 PM
Hi Team
For testing, I configured an integration between Firepower Management Center and ISE for RADIUS user authentication, using the following guide as a reference: https://www.cisco.com/c/en/us/support/docs/security/firesight-management-center/118541-configure-firesight-00.html
Checking on ISE, apparently a Base license is consumed:
But in licensing consumption, appears that 0 Base licenses are consumed. Is this behavior correct?
This verification is for a customer that is migrating from ACS to ISE, and they are using RADIUS for login into some devices that do not support TACACS+, and we want to recommend the correct Base licensing.
Thank you.
Regards,
Annya
Solved! Go to Solution.
02-09-2018 09:26 PM
ISE RADIUS sessions are keying off Endpoint ID or Calling-Station-ID. Since the FireSIGHT not tracking users by calling station id as shown in the guide, then there is no license usage. Customers would still need the minimal license counts for entitlements.
02-09-2018 08:56 PM
Hello,every radius session consume 1 license until this radius session is active. After user logout this radius session is stoped and license is free.
02-09-2018 09:26 PM
ISE RADIUS sessions are keying off Endpoint ID or Calling-Station-ID. Since the FireSIGHT not tracking users by calling station id as shown in the guide, then there is no license usage. Customers would still need the minimal license counts for entitlements.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: