Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
797
Views
5
Helpful
4
Replies

Cisco ISE hardware deployment guide.

network_geek1979
Level 1
Level 1

‎04-04-2019 01:01 AM

Team,

We have our Cisco ISE 3515 devices which are to be deployed in a cluster. Both devices are at different geographical DC's.

I see that the hardware device has many interfaces and also a management interface.

 

Do you folks have any documents for this deployment?

 

When I login to the console first it asks for some information to start the configuration. I presume that the first IP address it is asking for would be the management only IP address. Am I correct?

 

 

Thanks!!!

N.

0 Helpful
4 Replies 4

Arne Bier
VIP
VIP

‎04-04-2019 06:09 AM

You may want to read the ISE Installation Guide.  It's too much to explain here.

 

0 Helpful

Nadav
Level 7
Level 7

‎04-04-2019 11:03 AM

Hey there,

 

When you first boot your SNS, make sure you are connected with monitor and keyboard. There is a special adapter that comes with the SNS that allows you to connect via HDMI from a special interface at the front of the SNS. 

 

When it boots up press F8 and you'll go into CIMC initial configuration. Set up the IP address, subnet, gateway, etc. At this screen you can also choose if your CIMC is via the dedicated management port or via the mLOM, which is for high-availability. Default is dedicated.

 

Save configuration, and then when you reboot the server you can access the server from the management port via ethernet. 

 

For more information regarding installing the SNS, check out:

https://www.cisco.com/c/en/us/td/docs/security/ise/sns3500hig/b_ise_SNS3500HIG/b_ise_SNS3500HardwareInstallationGuide22_chapter_010.html

 

I'd suggest you upgrade your CIMC to the latest supported for SNS 3515 (3.0.4j), make sure you download the dedicated CIMC and BIOS files necessary for this upgrade.

https://software.cisco.com/download/home/283801620/type/283802505/release/SNS%2035x5

 

For further reading regarding CIMC upgrading, check out this thread:

https://community.cisco.com/t5/identity-services-engine-ise/ise-cimc-software-strategy/m-p/3732676

 

Other things to note:

 

1) Racking the server is the same as a Cisco UCS M4. The server is 1RU. It's not difficult.

2) The server supports a redundant power supply.

3) The CIMC has quite a few options, you may want to learn how to work with them. These include monitoring via SNMP, authenticating access to CIMC via LDAP, etc.

 

0 Helpful

Arne Bier
VIP
VIP
In response to Nadav

‎04-05-2019 03:56 AM

Agreed. Having a real monitor and keyboard makes the job easier.  But for years I have been looking for a "headless" solution that I can apply when having to set up a new appliance from scratch - in cases where I don't have a real monitor and keyboard at hand

In my experience, an out-of-the-box server will allow you to press F8 and then first question from CIMC will be to reset the CIMC password.  And then continue from there to setup an IP address for CIMC and then continue the rest via TCP/IP.

 

My question is: can I attach a brand new appliance to a switch (or to my laptop via crossover cable) and run a DHCP server to assign an IP to CIMC - then https into CIMC with that address?   If you know the IP address that the DHCP server sends out then the rest should be simple.  But once you get to the CIMC https screen, what will the password be to login, since you have not had a chance to reset it yet.  Will it be admin/admin ? :-)

 

0 Helpful

Nadav
Level 7
Level 7
In response to Arne Bier

‎04-05-2019 04:06 AM - edited ‎04-05-2019 05:23 AM

Sure you can. CIMC starts off as a DHCP client, just connect the dedicated management port to anywhere it can receive a DHCP offer and you're set. The guide states thus:

 

To configure the system remotely, you must have a DHCP server on the same network as the system. Your DHCP server must be preconfigured with the range of MAC addresses for this server node. The MAC address is printed on a label on the rear of the server node. This server node has a range of six MAC addresses assigned to the Cisco IMC. The MAC address printed on the label is the beginning of the range of six contiguous MAC addresses.

 

Sounds cut and dry.

 

The password will be admin/password. It's like when you downgrade CIMC to 2.X.X as part of upgrading to 3.0.4j and then it also resets the password back to admin/password. You are asked to change the password once you first authenticate into CIMC.

Customers Also Viewed These Support Documents
Top