07-09-2020 07:52 PM
I'm working on a PoC design that includes ISE (version 2.7) and APIC-DC (version 4.2) Policy Plane integration for TrustSec. Per the ACI Settings page in ISE, ACI version 3.2 and above uses the Kafka method for integration but the only documentation I can find references the older method for ACI 3.1 and below.
The drop-down for the Certificate field shows certs from the ISE Trusted store, so I’m assuming the APIC cert would be selected there. Can someone please confirm?
I also wanted to confirm if the ISE Admin cert (or chain) needs to be trusted by APIC or if this is just a one-way trust.
Solved! Go to Solution.
07-10-2020 07:33 AM
Hi Greg,
Err, ISE 2.7 UI should not be showing the ACI 3.2 option. What build of 2.7 do you have?
Kafka is only supported with data plane integration which is not yet available.
For policy plane integration, you need only to import the APIC certificate into ISE as shown in the documentation that you already have.
HTH,
Fay-Ann
07-10-2020 07:33 AM
Hi Greg,
Err, ISE 2.7 UI should not be showing the ACI 3.2 option. What build of 2.7 do you have?
Kafka is only supported with data plane integration which is not yet available.
For policy plane integration, you need only to import the APIC certificate into ISE as shown in the documentation that you already have.
HTH,
Fay-Ann
07-12-2020 03:30 PM
Oops.. thanks Fay-Ann. I just noticed that I'm still using the ISO for the 2.7 beta (2.7.0.268).
I confirmed that I don't see that option for the FCS version (2.7.0.356).
07-12-2020 04:14 PM
Time to grab a copy of 3.0.0.393
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide