cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

363
Views
0
Helpful
1
Replies
Highlighted

ISE setup using a Load balancer

We want to setup ISE PSNs behind a loadbalancer( Netscaler or F5). For COA, do we need to add default route on PSNs towards loadbalancer IP? How should we route traffic from PSNs if we are using SNAT, i.e. default route should be towards ? If we are using SNAT, how will PSN determine the IP of NAD device? I am not sure of ISE 2.3, but till ISE 2.2, ISE doesn't have the capability to get the real NAD IP from Radius header. It uses the IP header info to determine the NAD IP.

I see some documents mentioning SNAT is possible for COA? But I don't see how it works?

Any suggestions/links will be really appreciable...

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Cisco Employee

Did you look at our F5 doc in the community?

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0ahUKEwiI84nd9LjWAhXB54MKHaDTB7QQFgg0MAA&url=https%3A%2F%2Fcommunities.cisco.com%2Fdocs%2FDOC-68198&usg=AFQjCNGkPpG_T9t2A8hsHRgz73zTxMFqig

View solution in original post

1 REPLY 1
Highlighted
Cisco Employee

Did you look at our F5 doc in the community?

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0ahUKEwiI84nd9LjWAhXB54MKHaDTB7QQFgg0MAA&url=https%3A%2F%2Fcommunities.cisco.com%2Fdocs%2FDOC-68198&usg=AFQjCNGkPpG_T9t2A8hsHRgz73zTxMFqig

View solution in original post