Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
617
Views
0
Helpful
1
Replies

Cisco ISE - F5 LTM - Supported Topologies

mkim1
Level 1
Level 1

‎09-19-2022 01:44 PM - edited ‎09-20-2022 09:04 AM

We are exploring using our F5s to load balance authentication requests to our ISE nodes.

Looking at this How To (https://community.cisco.com/t5/security-knowledge-base/how-to-cisco-amp-f5-deployment-guide-ise-load-balancing-using/ta-p/3631159), it looks like only physical or logically inline topologies are supported.

Is this possible without an inline topology? Has anyone added F5 load balancing to an existing ISE deployment in production?

Thank you.

0 Helpful
1 Reply 1

davidgfriedman
Level 1
Level 1

‎09-19-2022 02:33 PM

I have an old legacy ISE deployment which does this using policy based routing.  Of course the ISE VLAN SVI is on the same layer 3 switches as the F5 SVI, making this possible. We route udp/1812, udp/1813, and in reverse the CoA ports through the F5.  No issues here with that configuration.  

0 Helpful
Customers Also Viewed These Support Documents