cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2925
Views
20
Helpful
8
Replies

Cisco ISE 2.4 -- Problem to segment G1 to PortalGuest only

josimaru85
Beginner
Beginner

Hi Everyone

I have a task to create a new interface (G1) under Ise to attempt just for PortalGuest, and I have some problem.

 

This is my Topology:

 

ISEBR
Gi0 192.168.123.25/24
Gi1 192.168.185.25/24 (PortalGuest)

ISEPSN
Gi0 192.168.123.26/24Gi1
192.168.185.26/24 (PortalGuest)

ISEJP
Gi0 172.28.123.25/24
Gi1 172.28.185.25/24 (PortalGuest)

 

HA

ISEBR (Primary) and ISEJP (Secondary)
Both (PAN+MGT+PSN)

image.png

 

 

 

image.png

When I click under portal test, the URL just try push me Ise primary or ISE secondary G0 Interface only

image.png

 

Someone already have this problem?

1 Accepted Solution

Accepted Solutions

Hi,
Greg gave you a sample how to apply the ip host command I was talking about.

Just to clarify. In my deployments, i use 3 interfaces all the time:
- gig0 as default management
- gig1 for radius/tacacs
- gig2 for portals.

On gig1 and 2, i use anycast to avoid multiple fqdns (1 per host). If you have any load balancer solution you can achieve the same thing.


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

8 Replies 8

Francesco Molino
VIP Mentor VIP Mentor
VIP Mentor
Hi

You mean when you click on portal test button, it opens a new page using your gig0 fqdn?
Have you configured the ip host command on cli to define a specific fqdn for the gig1 interface?

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question