03-04-2019 11:22 PM - edited 03-04-2019 11:35 PM
Hi All,
Just want to get some clarification around the requirements to add ISE under the Foreign and Anchor WLCs.
In short, below is the lab testing and research showing only t Foreign WLC is required to have ISE PSN nodes added and Anchor WLC does NOT communicate with ISE even when it has been added with the exception of Accounting Interim update
Lab Testing:
Research
State: Radius is done only by foreign wlc. The ACL should be configured on both WLC.
In summary -
Cheers,
Won
03-05-2019 08:38 AM
You summed them up nicely. To confirm, no RADIUS configuration is needed on auto-anchor for the specific WLAN. In fact having RADIUS accounting enabled for ISE on anchor will break the CWA. Also, even though redirect ACL needs to exists on both controller, the anchor controller is the one using it. The foreign just need to have the ACL name exist (Does not need ACL entries).
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide