Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2110
Views
3
Helpful
3
Replies

ISE - Routing Multiple Interfaces

Go to solution
llomjaria
Level 1
Level 1

‎01-23-2024 03:37 AM

Hi,

I have ISE medium deployment. 2 PAN & MnT and 2 PSNs.

I have configured BYOD and Posture on PSNs. I configured Gi 1 interface with different IP address which should be used for BYOD and Posture portals.

My question is regarding routing. How ISE handles traffic that comes on Gi1 interface? Will it respond with the same interface or it will use Gi0?
How should I configure routing ?

In some cases NADs and users are in same subnet, so I cannot configure different routes for NADs and users.

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Aref Alsouqi
VIP
VIP

‎01-23-2024 03:48 AM

ISE by default routes back the traffic out of the same interface where the traffic was received on.

View solution in original post

Go to solution
Aref Alsouqi
VIP
VIP

‎01-23-2024 04:53 AM

No I don't think so, as that network is a connected network to ISE. However, if you want to configure multiple default routes then yes.

Please refer to ip route section in this guide:

Cisco Content Hub - Cisco ISE CLI Commands in Configuration Mode

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Aref Alsouqi
VIP
VIP

‎01-23-2024 03:48 AM

ISE by default routes back the traffic out of the same interface where the traffic was received on.

Go to solution
llomjaria
Level 1
Level 1
In response to Aref Alsouqi

‎01-23-2024 03:53 AM

Thanks for the reply!

Here is my current configuration:

ise-psn-1/admin#show ip route

Destination Gateway Iface
----------- ------- -----
169.254.4.0/24 0.0.0.0 cni-podman2
default 172.25.4.1 eth0
169.254.2.0/24 0.0.0.0 cni-podman1
172.25.4.0/24 0.0.0.0 eth0 - Radius/MGMT
172.25.24.0/24 0.0.0.0 eth1 - For Portals

Do I need to add static route: ip route 0.0.0.0 0.0.0.0 gateway 172.25.24.1 - for ISE to users traffic?

0 Helpful

Go to solution
Aref Alsouqi
VIP
VIP

‎01-23-2024 04:53 AM

No I don't think so, as that network is a connected network to ISE. However, if you want to configure multiple default routes then yes.

Please refer to ip route section in this guide:

Cisco Content Hub - Cisco ISE CLI Commands in Configuration Mode

0 Helpful
Customers Also Viewed These Support Documents