cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

1075
Views
5
Helpful
1
Replies
Highlighted
Beginner

New Cisco ISE 2.4 Multiple interfaces, one for management one for Authentication traffic

I am looking for a way to setup 2 interfaces on ISE 2.4 and have GI0 -- be in it's own VRF like I can do with a Router, and then the GI3 be used solely for Authentication traffic and no mixed traffic between the 2, I would like basically I would need 2 routes for default routes and don't want to create a routing loop.  

I see where ISE will answer Auth requests on any available interface.  The searching I have done is not terribly clear on this topic, and I am very new to ISE.

Everyone's tags (4)
1 REPLY 1
Highlighted
VIP Collaborator

Re: New Cisco ISE 2.4 Multiple interfaces, one for management one for Authentication traffic

You can run two separate interfaces to handle separate traffic. From the ISE CLI you can configure static routes for your specific subnets to use your separate L3 gateways. Ensure that you only have one default route for one of the interfaces. Then simply rely on static routes for your other subnets that you dont want using the DFG. To answer your authentication question, configure your NADs to point to your G3 interface and create manual routes using the G3 subnet GW to route traffic back to your NADs.

HTH!