Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1444
Views
1
Helpful
3
Replies

cisco ISE Azure Application

Go to solution
iran
Level 1
Level 1

‎04-01-2023 04:21 PM

I have seen here Deploy Cisco Identity Services Engine Natively on Cloud Platforms - Cisco ISE on Azure Cloud Services [Cisco Identity Services Engine] - Cisco

That Cisco ISE has two variants in Azure.
1. Azure Application
2. Virtual Machine variant

In the first option is it possible to add or assign an IP address to a second interface after the deployment?

I did not find any documentation about it

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
hslai
Cisco Employee
Cisco Employee

‎04-02-2023 12:11 PM - edited ‎04-02-2023 12:13 PM

@iran

Both options create and initialize an ISE VM with one and only one network interface. We may add additional interfaces afterwards.

The doc you cited above has the info there. Deploy Cisco Identity Services Engine Natively on Cloud Platforms / Chapter: Cisco ISE on Azure Cloud Services / Known Limitations of Cisco ISE in Microsoft Azure Cloud Services says,

...

  • To add a secondary NIC to any VM in Microsoft Azure, you must first power off the VM.

...

Then, follow Azure doc on Microsoft Learn / Azure Networking / Virtual Network / Add network interfaces to or remove network interfaces from virtual machines to add another interface.

Finally, power on the ISE VM and use ISE admin CLI to configure the private IP address for the new interfaces.

 

View solution in original post

3 Replies 3

Go to solution
hslai
Cisco Employee
Cisco Employee

‎04-02-2023 12:11 PM - edited ‎04-02-2023 12:13 PM

@iran

Both options create and initialize an ISE VM with one and only one network interface. We may add additional interfaces afterwards.

The doc you cited above has the info there. Deploy Cisco Identity Services Engine Natively on Cloud Platforms / Chapter: Cisco ISE on Azure Cloud Services / Known Limitations of Cisco ISE in Microsoft Azure Cloud Services says,

...

  • To add a secondary NIC to any VM in Microsoft Azure, you must first power off the VM.

...

Then, follow Azure doc on Microsoft Learn / Azure Networking / Virtual Network / Add network interfaces to or remove network interfaces from virtual machines to add another interface.

Finally, power on the ISE VM and use ISE admin CLI to configure the private IP address for the new interfaces.

 

Go to solution
iran
Level 1
Level 1
In response to hslai

‎04-02-2023 03:58 PM

Thank you for your quick reply.

One more question.
I am a little bit confused between the difference from Azure Application and Virtual Machine variant.

In Azure Application variant, it is a virtual machine like any other virtual machines in which we can access the console, edit/add interfaces... ?
Still not very clear to me, the difference between the two variants and the advantages of each one.

Thank you

0 Helpful

Go to solution
Greg Gibbs
Cisco Employee
Cisco Employee
In response to iran

‎04-03-2023 05:01 PM

@iran , both methods deploy the same resulting ISE virtual instance in Azure with the same features and capabilities. The only difference is how the node is deployed.
With the Azure Application method, you are presented with a template and prompted to enter each value that will be used to configure the ISE application (hostname, DNS name, etc). Azure uses this to build an ARM template that is then used to build the node.
With the VM variant, you must provide those details in the User Data field. This option is typically easier to use if you are deploying ISE nodes using your own orchestration tools like Ansible/Terraform.

0 Helpful
Customers Also Viewed These Support Documents