Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1816
Views
5
Helpful
2
Replies

Cisco ISE NFR - Is Services NFR image pre-configured??

Ashfaq Habeeb
Level 1
Level 1

‎03-20-2014 07:32 AM - edited ‎03-10-2019 09:33 PM

Dear,

We have received the ISE NFR kit. With the kit, we have received the ISE-NFR Image, Services NFR Image and NFR Configuration Guide (comprising of dhcp.conf, ISE Config Guide, ISE NFR configs (ASA, Switch Config)).

I went through the Configuration guide, and it gives the initial setup of VMware ISE Setup and Services NFR Setup.

As per the configuration guide, Services NFR is Linux machine with pre-configured services including DHCP, DNS, NTP, HTTP, OPEN LDAP and CA., I would like to know how to use the Services NFR with ISE NFR without using additional Active Directory Setup?

I have the COLD Lab guides for Cisco ISE, but I cannot use those guides with ISE-NFR because it requires the additional Active Directory for user creation and testing, and CA Setup.

I would like to know if there are any guides or scenarios to work with ISE-NFR and Services NFR.

Thank you in advance.

Best Regards,

1 person had this problem
Labels:
0 Helpful
2 Replies 2

Charlie Moreton
Cisco Employee
Cisco Employee

‎03-20-2014 11:33 AM

Yes, the Services NFR machine is pre-configured.  OpenLDAP and CA are already running.

 

You can verify this by opening the Terminal and going to su mode.

OPEN LDAP:

Command: systemctl status dirsrv.service

Output: [root@magicserver ~]# systemctl status dirsrv.service
dirsrv.service - SYSV: 389 Directory Server
Loaded: loaded (/etc/rc.d/init.d/dirsrv)
Active: active (running) since Fri, 06 Sep 2013 10:58:10 -0700; 6 days ago
Process: 1174 ExecStart=/etc/rc.d/init.d/dirsrv start (code=exited, status=0/SUCCESS)
CGroup: name=systemd:/system/dirsrv.service
â 1190 /usr/sbin/ns-slapd -D /etc/dirsrv/slapd-magicserve...


CA:

Command: systemctl status pki-cad.service

Output: [root@magicserver ~]# systemctl status pki-cad.service
pki-cad.service - SYSV: Certificate Authority (Tomcat 6.0)
Loaded: loaded (/etc/rc.d/init.d/pki-cad)
Active: active (running) since Fri, 06 Sep 2013 10:58:32 -0700; 6 days ago
Process: 1439 ExecStart=/etc/rc.d/init.d/pki-cad start (code=exited, status=0/SUCCESS)
CGroup: name=systemd:/system/pki-cad.service
â 1511 /usr/lib/jvm/jre/bin/java -classpath :/usr/share/t...

Now, adding users and configuring accounts is FAR more involved.  I suggest you start here:

https://www.google.com/#q=adding+users+in+openldap&safe=off

Similar for the CA:

https://www.google.com/#q=generating+certificate+linux+ca&safe=off

 

I hope this helps

Please Rate Helpful posts and mark this question as answered if, in fact, this does answer your question.  Otherwise, feel free to post follow-up questions.

Charles Moreton

PAUL GILBERT ARIAS
Level 5
Level 5

‎08-01-2017 04:43 PM

Can you share with me the configuration guides?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents