Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
758
Views
0
Helpful
7
Replies

Auth VLAN on third party switch

Go to solution
wileong
Cisco Employee
Cisco Employee

‎10-11-2018 08:11 AM

Hi, 

 

Working on Brocade switch using Auth VLAN for Posture flow. Auth VLAN approach works fine in single PSN. How do we scale to multiple PSN using Auth VLAN?

When try to configure DHCP scope on both PSN1 and PSN2 using same IP segment but IP address assignment is unique there is an error.

 

dhcp configure existing.pngdhcp configure new.png

 

Error during saving DHCP scope. Any idea?

Thanks

Wing Churn

error dhcp.png

 

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎10-11-2018 08:18 AM

Its not supported to run same subnet on different PSNs. I assume for redundancy you’re doing this? I have heard this in the past would recommend you reach out via account team for a feature request

View solution in original post

0 Helpful

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee
In response to wileong

‎10-11-2018 08:49 AM

If its different networks then open a tac case

View solution in original post

0 Helpful
7 Replies 7

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎10-11-2018 08:18 AM

Its not supported to run same subnet on different PSNs. I assume for redundancy you’re doing this? I have heard this in the past would recommend you reach out via account team for a feature request
0 Helpful

Go to solution
wileong
Cisco Employee
Cisco Employee
In response to Jason Kunst

‎10-11-2018 08:32 AM

Hi Jason,

 

Understood on the redundancy is not available today. How about the error of creating none overlapping DHCP scope for the third screenshot i provided? The second scope i am creating is not overlapping with existing created scope, do we have any known bug on this. By the way, we are running ISE 2.2p9

 

Thanks

Wing Churn

0 Helpful

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee
In response to wileong

‎10-11-2018 08:34 AM

It’s the same subnet correct? Regardles of nonverlapping status its not supported
0 Helpful

Go to solution
wileong
Cisco Employee
Cisco Employee
In response to Jason Kunst

‎10-11-2018 08:40 AM

Sorry, my attached image might be confusing but the DHCP scope is not overlapped.

0 Helpful

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee
In response to wileong

‎10-11-2018 08:43 AM

It’s the same subnet. The network ID is the same therefore it won’t work. It doesn’t matter if you split the scope where 1 PSN serves part of the scope and the other part on another PSN (this works in Microsoft DHCP server but not on ISE design).
0 Helpful

Go to solution
wileong
Cisco Employee
Cisco Employee
In response to Jason Kunst

‎10-11-2018 08:47 AM

I think you are still misunderstood. Ignore those images, i am creating 2 totally different subnets and still get this error. Do we have any known issue around DHCP scope? If not, i will get partner to raise a TAC case.

0 Helpful

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee
In response to wileong

‎10-11-2018 08:49 AM

If its different networks then open a tac case
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents