cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

405
Views
5
Helpful
2
Replies
mpbaker82
Beginner

Cisco ISE 2.3 - Duel Network Interfaces

I currently have Cisco ACS deployed in my network. I have a single primary ACS server and two secondary ACS servers at each of my 2 remote sites. All the sites use a class B network 172.16.x.x. We have roughly 2K devices across the organization.

 

Since ACS is going or is EOL... we are migrating to ISE 2.3 and making a move to the 10.x.x.x network.

 

Is it possible to move the ISE servers to the 10 network while slowly moving the network devices over to the 10 network and still keep authentication with each sites secondary ISE server.

 

Can the ISE server be configured to listed on two network interfaces for authentication? or maybe there is an easier way.

 

Baker

1 ACCEPTED SOLUTION

Accepted Solutions

More details on multi-interface use cases and config available in Cisco Live session BRKSEC-3697 (reference version on CiscoLive.com - Orlando 2018)

View solution in original post

2 REPLIES 2
Cory Peterson
Contributor

As long as the ISE servers have a way to talk to the NADs you will have no issues. Just ensure your routing is setup between the subnets and you are good to go.

More details on multi-interface use cases and config available in Cisco Live session BRKSEC-3697 (reference version on CiscoLive.com - Orlando 2018)

View solution in original post

Content for Community-Ad