Solved: Re: ISE Smart licensing

sujanyakj · ‎05-19-2022

I want to smart license my ISE box which ia not having direct connectivity to internet.

Please let me know can we do that.

Charlie Moreton · ‎05-19-2022

You can use a Proxy Server or the CSSM-On Prem

Using Cisco Smart Software Manager (CSSM) On-Prem for Smart Licensing in Air-Gapped Networks

View solution in original post

Charlie Moreton · ‎05-20-2022

In the installation guide for version 8-202201, I see the following:

Since this is all the documentation I have, I'd be keen to keep checking the firewall logs to see the redundant addresses and add those.

View solution in original post

Charlie Moreton · ‎05-19-2022

You can use a Proxy Server or the CSSM-On Prem

Using Cisco Smart Software Manager (CSSM) On-Prem for Smart Licensing in Air-Gapped Networks

sujanyakj · ‎05-19-2022

Hi Charlie,

We are not having proxy set up as well. If we want to open the firewall ports then i found thw below domains need to be opened in one of the document over 443 and 80 ports.

Tools.cisco.com

Www.cisco.com

But when i checked the deny logs in the firewall, the hits are towards tools1.cisco.com,tools2.cisco.com,..etc

Can you please help me with the exact domains which needs to be opened in the firewall.

Charlie Moreton · ‎05-20-2022

In the installation guide for version 8-202201, I see the following:

Since this is all the documentation I have, I'd be keen to keep checking the firewall logs to see the redundant addresses and add those.

Marcelo Morais · ‎05-20-2022

Hi @sujanyakj ,

please take a look at: CSCwa77161 PLR returned upon 3.0P5 -> 3.0P3, PLR (Permanent License Reservation) could be the solution.

Hope this helps !!!

sujanyakj · ‎08-29-2022

Thanks for the response.

I licensed my ise nodes and it was workibg fine as expected.Last week, i hvae upgraded the box from 2.4 to 2.7 version later the node reboot was not able to see my base license being authorized against CSSM as auth column is empty.(tacacs and vm license is in good shape)