Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
575
Views
0
Helpful
3
Replies

beginning with the ISE installation.

Go to solution
network_geek1979
Level 1
Level 1

‎01-29-2019 01:09 AM

Folks,

What are the management NIC used for in the ISE 3515 devices? I believe that they are used only for the management purpose only and the cluster is not formed on this NIC. Please correct me on this.

 

Further, for the cluster formation the NIC1 and NIC2 is used, correct? In our case we have 2 ISE devices at different remote DC's and the plan is to bring them online in a cluster mode.

 

Thanks!!

N.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Arne Bier
VIP
VIP
In response to ldanny

‎01-29-2019 03:03 AM - edited ‎01-29-2019 03:10 AM

A picture is worth a thousand words ... and yes, the install Guide is quite a good read.  Just remember that the CIMC can also run on the ISE interfaces if you are short on mangement switch ports.  But in most cases customers should consider using the dedicated CIMC iterface shown below

 

ise rear2.png

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Arne Bier
VIP
VIP

‎01-29-2019 02:27 AM

The CIMC management is an important aspect of running an ISE hardware appliance.  I recommend you have a look at the installation guide in detail.  But to answer your question, the "management" interface is usually a dedcated GigE port on the server that is used to manage the hardware itself.  You can also make CIMC available on the application GigE interfaces if you have trouble reserving a port/cable just for management purposes. 

As for ISE - you have a bunch of GigE ports available for the application (I can't remember how many on the 3515 .. but on the bigger 3595 it's 6 interfaces).  Those are all available to ISE.  You can bond them together in pairs to perform NIC teaming.  Have a look at the installation guide.  it's explained a lot better than what I have just done.

 

In ISE we don't talk about clustering - we can talk about a deployment or in the old days it was called a "cube".  But you can think of the first ISE node as the primary node, and then the remaining nodes are registered to the primary to form (for lack of a better term) a cluster.  The interface(s) that you use for that are the ones I mentioned above.  

The CIMC interface is only locally significant

 

0 Helpful

Go to solution
ldanny
Cisco Employee
Cisco Employee

‎01-29-2019 02:56 AM

When you say management do you mean the CIMC or the Admin Portal?

 

https://www.cisco.com/c/en/us/td/docs/security/ise/2-0-1/install_guide/b_ise_InstallationGuide201/b_ise_InstallationGuide201_chapter_01.html

 

when installing ISE it will use the first interface for all services GigEther0

 

As to your other question I recommend you read up a bit on ISE infrastructure.

https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/install_guide/b_ise_InstallationGuide24/b_ise_InstallationGuide24_chapter_00.html

 

0 Helpful

Go to solution
Arne Bier
VIP
VIP
In response to ldanny

‎01-29-2019 03:03 AM - edited ‎01-29-2019 03:10 AM

A picture is worth a thousand words ... and yes, the install Guide is quite a good read.  Just remember that the CIMC can also run on the ISE interfaces if you are short on mangement switch ports.  But in most cases customers should consider using the dedicated CIMC iterface shown below

 

ise rear2.png

0 Helpful
Customers Also Viewed These Support Documents