04-05-2017 02:29 AM
Hi all,
One of my customers wants to secure the Radius communication between 2 ISE environments.
ISE1 is configured as the Radius Server, the ISE PROXY is configured here as Network Device.
ISE2 is configured as the Radius PROXY.
With both running version 2.2, DTLS is an option to use.
Disabled, Cisco ISE will process both UDP and DTLS requests from the Network Device.
Enabled, Cisco ISE will process only the DTLS requests from the Network Device.
So this is possible to configure in environment ISE1.
Environment ISE2 is configured as PROXY.
There is no option to configure anything in ISE2 regarding DTLS and the External Radius Servers configuration.
Does this mean DTLS is not going to work in this situation?
Or is DTLS negotiated between the ISE1 Radius Server and the ISE2 Radius Proxy?
Thanks in advance
Best regards,
Martin
04-05-2017 02:46 AM
ISE as a proxy in a DTLS flow is not supported today.
Please reach out to ISE-pm through sales for a feature request.
04-05-2017 05:46 AM
Hi Salomon,
Thanks for the information.
Best regards,
Martin