Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2555
Views
5
Helpful
6
Replies

Differences between Cisco SNS-3495 and SNS-3655 platform

Go to solution
david.tran
Level 4
Level 4

‎07-20-2021 01:39 PM

In SNS-3495, you have an interface label "M". The way I understand it, this interface has several functions, including:


1- acts as a CMIC (e.g. Light Out Management) to allow you to turn ON/OFF the device;

2- Allow you to see the device at boot up via the KVM console;

3- Allow firmware update of the appliance such as BIOS, Harddrive firmware update, NIC firmware update, etc...

There is no such thing as "dedicated management interface" on the 3495.


In SNS-3655 appliance, I see there is an "mLOM" interface and also a "dedicated management interface" on the 3655.

I think the "mLOM" interface is used for:

1- allow you to turn ON/OFF the device;

2- Allow you to see the device at boot up via the KVM console;

3- Allow firmware update of the appliance such as BIOS, Harddrive firmware update, NIC firmware update, etc...

What is the purpose of the "dedicated management interface" on the SNS-3655? Does it have a separate routing domain
just like the Cisco Firepower Threat Defense (FTD) device? Does radius authentication for managing the device go
through this "dedicated" management interface? Does the ISE replication go through this management interface or
through the production interface?


I am trying to migrate ISE 2.2 on sns-3495 over to 3.0 on sns-3655 and just want to make sure I have all my bases
covered.

Thanks in advance.

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Greg Gibbs
Cisco Employee
Cisco Employee
In response to david.tran

‎07-20-2021 08:01 PM

1- the mLOM interface/slot that is on the SNS-3655 can NOT be used as CMIC,

Correct. mLOM stands for "modular LAN On Motherboard". It has nothing to do with management of the bare metal UCS server.

 

In other words, the "1-Gb Ethernet dedicated management port" on the SNS-3655 does the same function as the "M" port on the SNS-3495, right?

Correct

 

In summary, there is so such thing as "dedicated management port" on the SNS-3655. The documentation is kinda misleading, correct?

It is a dedicated management port for the bare metal UCS server, and therefore the 3655 bare metal. It has nothing to do with management of the OS or ISE application running on the bare metal.

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Greg Gibbs
Cisco Employee
Cisco Employee

‎07-20-2021 04:28 PM

See the SNS 3600 Series Appliance Hardware Installation Guide  for information on the physical interface mappings.

The mLOM is a modular interface on the UCS C-Series upon which the SNS 3600 series appliances are built. This allows additional interface cards to be used by the UCS server, but is not supported for use with the SNS appliance and the ISE application will not recognize or support it.

The dedicated management port is for out-of-band connectivity to the CIMC and provides the same function between both platforms.

0 Helpful

Go to solution
david.tran
Level 4
Level 4
In response to Greg Gibbs

‎07-20-2021 07:42 PM

@Greg Gibbs:  Thank you very much for your reply.  Just want to understand what you wrote above that on the SNS-3655 appliance:

 

1- the mLOM interface/slot that is on the SNS-3655 can NOT be used as CMIC,

2- the "1-Gb Ethernet dedicated management port" has the exact function as the "M" port on the SNS-3495,

 

In other words, the "1-Gb Ethernet dedicated management port" on the SNS-3655 does the same function as the "M" port on the SNS-3495, right?

 

In summary, there is so such thing as "dedicated management port" on the SNS-3655.  The documentation is kinda misleading, correct?

 

Thanks in advance.

 

 

Preview file
170 KB
0 Helpful

Go to solution
Greg Gibbs
Cisco Employee
Cisco Employee
In response to david.tran

‎07-20-2021 08:01 PM

1- the mLOM interface/slot that is on the SNS-3655 can NOT be used as CMIC,

Correct. mLOM stands for "modular LAN On Motherboard". It has nothing to do with management of the bare metal UCS server.

 

In other words, the "1-Gb Ethernet dedicated management port" on the SNS-3655 does the same function as the "M" port on the SNS-3495, right?

Correct

 

In summary, there is so such thing as "dedicated management port" on the SNS-3655. The documentation is kinda misleading, correct?

It is a dedicated management port for the bare metal UCS server, and therefore the 3655 bare metal. It has nothing to do with management of the OS or ISE application running on the bare metal.

0 Helpful

Go to solution
david.tran
Level 4
Level 4
In response to Greg Gibbs

‎07-20-2021 08:13 PM

@Greg Gibbs:  Thanks again. 

 

"In summary, there is so such thing as "dedicated management port" on the SNS-3655. The documentation is kinda misleading, correct?

It is a dedicated management port for the bare metal UCS server, and therefore the 3655 bare metal. It has nothing to do with management of the OS or ISE application running on the bare metal."

 

That's why I said it is very misleading.  Cisco documentation should have stated that the "dedicated management interface" function EXACTLY the same as the "M" (or Cisco Integrate Management Controller or CIMC) to avoid confusion to customers.

 

In other words, what is labeled as "1 GB dedicate management interface" on the SNS-3655 is nothing but a CIMC interface, LOL...

 

Thanks again Greg.

0 Helpful

Go to solution
Marcelo Morais
VIP
VIP
In response to david.tran

‎07-21-2021 09:25 AM

Hi @david.tran ,

 the SNS-3655 hardware is an UCS C220 M5 (please take a look at: Cisco Secure Network Server 3600 Series Appliance Hardware Installation Guide, search for Cisco SNS-3655-K9).

 To better understand the: Dedicated Management Port, LOM and CIMC, please take a look at: Cisco UCS C220 M5 Rack Server, search for Integrated Management Controller).

 

Hope this helps !!!

0 Helpful

Go to solution
david.tran
Level 4
Level 4
In response to Marcelo Morais

‎07-21-2021 10:05 AM

@Marcelo Morais :  Hi there,

 

The TAC engineer told me that there are several open cases on this specific issue.  The "dedicated management interface" is very misleading.  He said that they are considering changing the documentation from "dedicated management interface" back to either "M" port like the SNS-3495 or just name it as CIMC (Cisco Intergated Management Controller).  

Customers Also Viewed These Support Documents