07-20-2021 01:39 PM
In SNS-3495, you have an interface label "M". The way I understand it, this interface has several functions, including:
1- acts as a CMIC (e.g. Light Out Management) to allow you to turn ON/OFF the device;
2- Allow you to see the device at boot up via the KVM console;
3- Allow firmware update of the appliance such as BIOS, Harddrive firmware update, NIC firmware update, etc...
There is no such thing as "dedicated management interface" on the 3495.
In SNS-3655 appliance, I see there is an "mLOM" interface and also a "dedicated management interface" on the 3655.
I think the "mLOM" interface is used for:
1- allow you to turn ON/OFF the device;
2- Allow you to see the device at boot up via the KVM console;
3- Allow firmware update of the appliance such as BIOS, Harddrive firmware update, NIC firmware update, etc...
What is the purpose of the "dedicated management interface" on the SNS-3655? Does it have a separate routing domain
just like the Cisco Firepower Threat Defense (FTD) device? Does radius authentication for managing the device go
through this "dedicated" management interface? Does the ISE replication go through this management interface or
through the production interface?
I am trying to migrate ISE 2.2 on sns-3495 over to 3.0 on sns-3655 and just want to make sure I have all my bases
covered.
Thanks in advance.
Solved! Go to Solution.
07-20-2021 08:01 PM
1- the mLOM interface/slot that is on the SNS-3655 can NOT be used as CMIC,
Correct. mLOM stands for "modular LAN On Motherboard". It has nothing to do with management of the bare metal UCS server.
In other words, the "1-Gb Ethernet dedicated management port" on the SNS-3655 does the same function as the "M" port on the SNS-3495, right?
Correct
In summary, there is so such thing as "dedicated management port" on the SNS-3655. The documentation is kinda misleading, correct?
It is a dedicated management port for the bare metal UCS server, and therefore the 3655 bare metal. It has nothing to do with management of the OS or ISE application running on the bare metal.
07-20-2021 04:28 PM
See the SNS 3600 Series Appliance Hardware Installation Guide for information on the physical interface mappings.
The mLOM is a modular interface on the UCS C-Series upon which the SNS 3600 series appliances are built. This allows additional interface cards to be used by the UCS server, but is not supported for use with the SNS appliance and the ISE application will not recognize or support it.
The dedicated management port is for out-of-band connectivity to the CIMC and provides the same function between both platforms.
07-20-2021 07:42 PM
@Greg Gibbs: Thank you very much for your reply. Just want to understand what you wrote above that on the SNS-3655 appliance:
1- the mLOM interface/slot that is on the SNS-3655 can NOT be used as CMIC,
2- the "1-Gb Ethernet dedicated management port" has the exact function as the "M" port on the SNS-3495,
In other words, the "1-Gb Ethernet dedicated management port" on the SNS-3655 does the same function as the "M" port on the SNS-3495, right?
In summary, there is so such thing as "dedicated management port" on the SNS-3655. The documentation is kinda misleading, correct?
Thanks in advance.
07-20-2021 08:01 PM
1- the mLOM interface/slot that is on the SNS-3655 can NOT be used as CMIC,
Correct. mLOM stands for "modular LAN On Motherboard". It has nothing to do with management of the bare metal UCS server.
In other words, the "1-Gb Ethernet dedicated management port" on the SNS-3655 does the same function as the "M" port on the SNS-3495, right?
Correct
In summary, there is so such thing as "dedicated management port" on the SNS-3655. The documentation is kinda misleading, correct?
It is a dedicated management port for the bare metal UCS server, and therefore the 3655 bare metal. It has nothing to do with management of the OS or ISE application running on the bare metal.
07-20-2021 08:13 PM
@Greg Gibbs: Thanks again.
"In summary, there is so such thing as "dedicated management port" on the SNS-3655. The documentation is kinda misleading, correct?
It is a dedicated management port for the bare metal UCS server, and therefore the 3655 bare metal. It has nothing to do with management of the OS or ISE application running on the bare metal."
That's why I said it is very misleading. Cisco documentation should have stated that the "dedicated management interface" function EXACTLY the same as the "M" (or Cisco Integrate Management Controller or CIMC) to avoid confusion to customers.
In other words, what is labeled as "1 GB dedicate management interface" on the SNS-3655 is nothing but a CIMC interface, LOL...
Thanks again Greg.
07-21-2021 09:25 AM
Hi @david.tran ,
the SNS-3655 hardware is an UCS C220 M5 (please take a look at: Cisco Secure Network Server 3600 Series Appliance Hardware Installation Guide, search for Cisco SNS-3655-K9).
To better understand the: Dedicated Management Port, LOM and CIMC, please take a look at: Cisco UCS C220 M5 Rack Server, search for Integrated Management Controller).
Hope this helps !!!
07-21-2021 10:05 AM
@Marcelo Morais : Hi there,
The TAC engineer told me that there are several open cases on this specific issue. The "dedicated management interface" is very misleading. He said that they are considering changing the documentation from "dedicated management interface" back to either "M" port like the SNS-3495 or just name it as CIMC (Cisco Intergated Management Controller).
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide