cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3002
Views
9
Helpful
6
Replies

Cisco ISE Bridge Mode

Hi,

I was trying to configure Cisco ISE bridge mode for ISE Policy Node configuration.

It was working fine for few mins and then the ISE Stop responding.

through console access i could only ping the default gateway but no other servers.

i have configured the VLAN Mapping rule for it also before restarting the node.

can some1 help me out.

6 Replies 6

Eduardo Aliaga
Level 4
Level 4

Could you please issue the command "show application status ise" to see if the processes are OK ?

hi,

its running ISE inline POLICY NODE so it only shows the kernel and thats it.

secondly, i am losing the management connection and ping request.

does any1 has an idea why this happening.

please if you can me out...

Hi,

This is common mapping problem I think.

Remove the mapping and use different vlans and take a look at the debug log.

Regards.

Sent from Cisco Technical Support iPhone App

mmangat
Level 1
Level 1

In bridged mode, the Inline Posture node operates as a standard Ethernet bridge. This configuration is typically used when the untrusted network already has a gateway, and you do not want to change the existing configuration.

The figure below shows the Inline Posture node acting as a bridge for the Layer 2 client traffic from the WLC into the Cisco ISE network, managed by the Policy Service ISE node. In this configuration, Inline Posture requires subnet entries for the 10.20.80.0/24 and 10.20.90.0/24 subnets to be able to respond to and send Address Resolution protocol (ARP) broadcasts to the correct VLANs.

When the Inline Posture node is in bridged mode, the following conditions apply:

•Inline Posture eth0 and eth1 can have the same IP address.

•All end devices in the bridged subnet must be on the untrusted network.

manjeets
Level 3
Level 3

                   Kindly review the attached doc.

avoid to put the posture inline Node in the same subnet as the Administration Node . At least put an explicit static route on inline posture Node.

 

The problem is because the posture inline Node expects the fact that the Admin Node is on the trust side. and in the case of the bridged mode, the two subnets are merged