03-20-2014 07:32 AM - edited 03-10-2019 09:33 PM
Dear,
We have received the ISE NFR kit. With the kit, we have received the ISE-NFR Image, Services NFR Image and NFR Configuration Guide (comprising of dhcp.conf, ISE Config Guide, ISE NFR configs (ASA, Switch Config)).
I went through the Configuration guide, and it gives the initial setup of VMware ISE Setup and Services NFR Setup.
As per the configuration guide, Services NFR is Linux machine with pre-configured services including DHCP, DNS, NTP, HTTP, OPEN LDAP and CA., I would like to know how to use the Services NFR with ISE NFR without using additional Active Directory Setup?
I have the COLD Lab guides for Cisco ISE, but I cannot use those guides with ISE-NFR because it requires the additional Active Directory for user creation and testing, and CA Setup.
I would like to know if there are any guides or scenarios to work with ISE-NFR and Services NFR.
Thank you in advance.
Best Regards,
03-20-2014 11:33 AM
Yes, the Services NFR machine is pre-configured. OpenLDAP and CA are already running.
You can verify this by opening the Terminal and going to su mode.
OPEN LDAP:
Command: systemctl status dirsrv.service
Output: [root@magicserver ~]# systemctl status dirsrv.service
dirsrv.service - SYSV: 389 Directory Server
Loaded: loaded (/etc/rc.d/init.d/dirsrv)
Active: active (running) since Fri, 06 Sep 2013 10:58:10 -0700; 6 days ago
Process: 1174 ExecStart=/etc/rc.d/init.d/dirsrv start (code=exited, status=0/SUCCESS)
CGroup: name=systemd:/system/dirsrv.service
â 1190 /usr/sbin/ns-slapd -D /etc/dirsrv/slapd-magicserve...
CA:
Command: systemctl status pki-cad.service
Output: [root@magicserver ~]# systemctl status pki-cad.service
pki-cad.service - SYSV: Certificate Authority (Tomcat 6.0)
Loaded: loaded (/etc/rc.d/init.d/pki-cad)
Active: active (running) since Fri, 06 Sep 2013 10:58:32 -0700; 6 days ago
Process: 1439 ExecStart=/etc/rc.d/init.d/pki-cad start (code=exited, status=0/SUCCESS)
CGroup: name=systemd:/system/pki-cad.service
â 1511 /usr/lib/jvm/jre/bin/java -classpath :/usr/share/t...
Now, adding users and configuring accounts is FAR more involved. I suggest you start here:
https://www.google.com/#q=adding+users+in+openldap&safe=off
Similar for the CA:
https://www.google.com/#q=generating+certificate+linux+ca&safe=off
I hope this helps
Please Rate Helpful posts and mark this question as answered if, in fact, this does answer your question. Otherwise, feel free to post follow-up questions.
Charles Moreton
08-01-2017 04:43 PM
Can you share with me the configuration guides?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide