Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2037
Views
15
Helpful
5
Replies

Cisco ISE Device Admin Licensing

Go to solution
Maurice Ball
Beginner
Beginner

‎05-24-2020 12:15 PM

Do I need a Cisco ISE device admin license for every PSN I enable the service on?

 For example: If I enabled the device admin service on 5 of my policy nodes. Does this mean I would need 5 device admin licenses installed on the primary admin node?

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Damien Miller
VIP Advisor VIP Advisor
VIP Advisor

‎05-24-2020 12:44 PM - edited ‎05-24-2020 12:46 PM

Yes, as of ISE v2.4+ you need one L-ISE-TACACS-ND= license per PSN you enable the device admin role on. So enabling device admin on five PSNs would require ordering 5x L-ISE-TACACS-ND=. You then have the option of either putting them in to a smart account ISE can be pointed at, or fulfilling them as a traditional license file and installing it on the admin node.

View solution in original post

Go to solution
Maurice Ball
Beginner
Beginner
In response to Damien Miller

‎05-24-2020 12:51 PM

Ok, great. I just wanted to make sure I understood it correctly. Thanks so much for the clarification.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Damien Miller
VIP Advisor VIP Advisor
VIP Advisor

‎05-24-2020 12:44 PM - edited ‎05-24-2020 12:46 PM

Yes, as of ISE v2.4+ you need one L-ISE-TACACS-ND= license per PSN you enable the device admin role on. So enabling device admin on five PSNs would require ordering 5x L-ISE-TACACS-ND=. You then have the option of either putting them in to a smart account ISE can be pointed at, or fulfilling them as a traditional license file and installing it on the admin node.

Go to solution
Maurice Ball
Beginner
Beginner
In response to Damien Miller

‎05-24-2020 12:51 PM

Ok, great. I just wanted to make sure I understood it correctly. Thanks so much for the clarification.

0 Helpful

Go to solution
Mohammed al Baqari
VIP Advisor VIP Advisor
VIP Advisor

‎05-25-2020 12:56 AM

Hi,

Your device admin license are counted by the number of devices not by the
number of PSN nodes. You PSN nodes consume VM license only. But feature
license can be shared between them.


**** please remember to rate useful posts
0 Helpful

Go to solution
Damien Miller
VIP Advisor VIP Advisor
VIP Advisor
In response to Mohammed al Baqari

‎05-25-2020 01:05 AM

Not with ISE.

That was the case with ACS, 500 vs large deployments. ISE 2.4+ licenses both virtual ISE nodes, and tacacs/device admin nodes by the number deployed. 

Go to solution
Mohammed al Baqari
VIP Advisor VIP Advisor
VIP Advisor
In response to Damien Miller

‎05-25-2020 02:36 AM

Thanks for correcting me Damien.
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers
Spotlight Award Nomination
Customers Also Viewed These Support Documents