cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2638
Views
10
Helpful
5
Replies

ISE Sponsor portal with load-balancer URL

MP_Linc
Level 1
Level 1

I have two ISE nodes running in Primary and Secondary mode, I have a sponsor portal established with a defined dns string internally for employees to reach, however we have a load-balancer(LB) managing the sponsor portals respectively.  When clients attempt to reach our sponsor portal they get caught by the LB which then presents a certificate error and won't redirect the client to the ISE nodes seamlessly.  On the ISE servers for the same portal we have valid external certs to prevent a cert error page from appearing.  Has anyone run a setup like this before?  I'll condense all the information I have below for ease of reading.  Also does the secondary even take any requests for sponsor logins?  Or is the primary the work horse?  I don't expect the portal to be heavily used but I could be wrong.

 

I have the FQDN field filled out with my dns entry in ISE for the sponsor portal URL.

 

The LB has the same FQDN defined for where to redirect.

 

Our internal DNS is pointing to our internal IP with the correct DNS entry.  Known because this works without the LB being active.

 

The actual URL for ISE has a long string after the DNS name .com:8888/sponsorportal/...

Should the full ISE URL be used on the LB or just the shortened FQDN?