Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1732
Views
1
Helpful
1
Replies

ISE 2.3 as Radius Server with IP-Pool oder DHCP

Go to solution
knsh2003
Level 1
Level 1

‎09-14-2017 02:02 AM

Hi there,

I would like to user ISE as Radius-Server on VMware for our Smartphones! I had tried to figure it out with using DHCP-Service function enabling on ISE, but unfortunately didn#t work perfect. so I would like to you, if anyone can provide/help/support me to configure it correctly.

any useful recommendation or infos R welcome!

this article didn't help actually : Configure Third-Party NAD Redirection on ISE 2.1 - Cisco

great time,

cheers, Keyvan

1 Accepted Solution

Accepted Solutions

Go to solution
bravojared
Level 4
Level 4

‎09-27-2017 05:08 PM

This is not a use case for the DHCP Server in ISE.

The DHCP/DNS server functionality in ISE is to assign IP Addresses and take all DNS requests from clients (Except those domains excluded) and redirect them to ISE server.  The purpose/goal for this is to intercept traffic when the NAD is not aware of how to redirect.  So, the only domains that would NOT be redirected to ISE require:

1. Specified in External Domain List to respond with real IP address.

2. External DNS Servers are populated.

Since you can't put every domain that you would want to reach their real addresses in the box for #1, this is not a supported use case for DHCP/DNS Server in ISE for general purpose DHCP/DNS. 

Suggest you use something else for DHCP scope (Controller, switch, etc) and point to a valid DNS server.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
bravojared
Level 4
Level 4

‎09-27-2017 05:08 PM

This is not a use case for the DHCP Server in ISE.

The DHCP/DNS server functionality in ISE is to assign IP Addresses and take all DNS requests from clients (Except those domains excluded) and redirect them to ISE server.  The purpose/goal for this is to intercept traffic when the NAD is not aware of how to redirect.  So, the only domains that would NOT be redirected to ISE require:

1. Specified in External Domain List to respond with real IP address.

2. External DNS Servers are populated.

Since you can't put every domain that you would want to reach their real addresses in the box for #1, this is not a supported use case for DHCP/DNS Server in ISE for general purpose DHCP/DNS. 

Suggest you use something else for DHCP scope (Controller, switch, etc) and point to a valid DNS server.

0 Helpful
Customers Also Viewed These Support Documents