Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1259
Views
1
Helpful
2
Replies

Cisco ISE SXP

Go to solution
emolstad
Level 1
Level 1

‎03-06-2023 08:27 AM

We are currently directly pointing almost all our network devices back to ISE for SXP. We are using a device to ISE SXP peer connection. We are at our max "200" SXP peer limit. Does anyone know if Instead of making SXP peer connection directly to ISE on new switches, if I could point the new switch to a existing switch that is already pointing back to ISE. The goal would be that the switch I connect it to would reach out to ISE for SGT mappings for the switch I put in if the mappings are not already present on the table within the switch. Essentially asking the ISE connected switch to get mappings for the non ISE connected switch. 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎03-06-2023 08:53 AM - edited ‎03-06-2023 09:01 AM

@emolstad yes, you can configure SXP on a switch (listener) to receive bindings from another switch or router (speaker), which learnt the bindings directly from ISE.

https://community.cisco.com/t5/security-knowledge-base/group-based-policy-sxpv5-guide/ta-p/4705541

 

View solution in original post

2 Replies 2

Go to solution
Rob Ingram
VIP
VIP

‎03-06-2023 08:53 AM - edited ‎03-06-2023 09:01 AM

@emolstad yes, you can configure SXP on a switch (listener) to receive bindings from another switch or router (speaker), which learnt the bindings directly from ISE.

https://community.cisco.com/t5/security-knowledge-base/group-based-policy-sxpv5-guide/ta-p/4705541

 

Go to solution
emolstad
Level 1
Level 1
In response to Rob Ingram

‎03-06-2023 12:10 PM

Thank you sir! 

0 Helpful
Customers Also Viewed These Support Documents