Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1755
Views
0
Helpful
2
Replies

ISE and DTLS and ISE as PROXY

Go to solution
mverbon
Level 1
Level 1

‎04-05-2017 02:29 AM

Hi all,

One of my customers wants to secure the Radius communication between 2 ISE environments.

ISE1 is configured as the Radius Server, the ISE PROXY is configured here as Network Device.

ISE2 is configured as the Radius PROXY.

Running both version 2.2, DTLS is an option to use.

Disabled, Cisco ISE will process both UDP and DTLS requests from the Network Device.

Enabled,  Cisco ISE will process only the DTLS requests from the Network Device.

So this is possible to configure in environment ISE1.

Environment ISE2 is configured as PROXY.

There is no option to configure anything in ISE2 regarding DTLS and the External Radius Servers configuration.

Does this mean DTLS is not going to work in this situation?

Or is DTLS negotiated between the ISE1 Radius Server and the ISE2 Radius Proxy?

Thanks in advance

Best regards,

Martin

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
smashash
Cisco Employee
Cisco Employee

‎04-05-2017 02:46 AM

ISE as proxy in DTLS flow is not supporting today.

Please reach out to ISE-pm through sales for a feature request

View solution in original post

0 Helpful
2 Replies 2

Go to solution
smashash
Cisco Employee
Cisco Employee

‎04-05-2017 02:46 AM

ISE as proxy in DTLS flow is not supporting today.

Please reach out to ISE-pm through sales for a feature request

0 Helpful

Go to solution
mverbon
Level 1
Level 1
In response to smashash

‎04-05-2017 05:46 AM

Hi Salomon,

Thanks for the information.

Best regards,

Martin

0 Helpful
Customers Also Viewed These Support Documents