Configure ISE with a new interface connected to a private network

SMD28316 · ‎10-26-2021

ISE VM deployment is configured in the network with the ID 192.168.X.X, it's management interface Gig0 is from this network as well, I would like to connect the network with the ID 10.4.4.X with ISE to use RADIUS and TACACS services, is it possible to do this without exposing this network to 192.168.X.X network? I was thinking of adding another NIC to ISE that is configured with an IP from 10.4.4.X, is this possible? What configurations do I need on ISE? So far I know that the management is restricted to Gig0

Mike.Cifelli · ‎10-27-2021

This is possible. Since it is a vm you will add a NIC for whichever network, login to ISE via cli, and configure the new interface. Then configure a static route for ISE to reach the NADs on the new 10.4.4.x interface. Example from ISE CLI:

Verify NIC is connected/configured: show int g 1

Configure the interface:

conf t

int g 1

ip addr <> <mask>

no shut

Static route example: ip route 10.4.4.x 255.255.255.0 gateway 10.4.4.1

HTH!