cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

547
Views
5
Helpful
3
Replies
dewey89
Beginner

How to Configure ISE 2.7 after Initial Buildout

I'm training to deploy ISE 2.7 and can't find the steps to deploy it for TACACS+ and 802.1x.  I've finished building and deploying ISE as a VM and have access to both the GUI and CLI.

 

  Now I'm looking for the steps and what order to do them in to get where I can deploy TACACS+ and add devices for 802.1x.  The next thing I want to do is the security hardening.  Right now I'm accessing the GUI using http, but I want to disable that and enable https only.

 

  Two other things I want to do is set an RSA key of 2048 bits and generate a CSR for a 3rd party SSL certificate, but nothing shows the order that you need to do them in.  I think the RSA keys need to be set before the CSR is generated, but what other steps are required and when?

  I'm reading through the b_ise_27_admin_guide documentation and I'm finding out how to do what I need, but it doesn't give an order to the events.

 

  Does anyone have a list of tasks that need to be completed in the correct order?

 

3 REPLIES 3
Mike.Cifelli
VIP Advocate

Mike, I've got your second link as a reference already.  I'm surprised they reference Cisco Prime as an example.  I don't know how well the transfer procedures will line up or if I'll have to guess at it.

 For my example there's several steps I need to complete.  Which steps have to be completed before the others, what order?

 

Creating a CSR to get an SSL CA certificate

Create RSA key for 2048 bit encryption

Setting the WebGUI login to https from http

 

  These steps and more need to be completed before I activate 802.1x and TACACS+.

 

Panos Bouras
Beginner

Hi @dewey89 ,

 

Check Katherine McNamara webpage for lots of detailed steps on various ISE topics.

https://www.network-node.com/

 

Thank you,Panos.
Please Rate Posts (by clicking on Star) and/or Mark Solutions as Accepted, when applies
Content for Community-Ad