cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
854
Views
0
Helpful
2
Replies
Frequent Contributor

IP Host (Alias) in ISE

I have setup a secondary IP on Gig1 on my ISE servers and have my CWA Portal listening on this Interface

(Deploying similar to http://www.networkworld.com/article/3074954/security/how-to-use-anycast-to-provide-high-availability-to-a-radius-server.html)

My static redirect for web redirection in my authorisation profile points to 2.2.2.2.

My redirect works but I was hoping my alias would have replaced my 2.2.2.2 address in the redirect. When my test clients are redirected to my logon page, the URL still shows "https://2.2.2.2......" rather than my Alias.

Am I missing something? Config which covers this is below.


interface GigabitEthernet 0
ip address 10.44.129.10 255.255.255.0
ipv6 address autoconfig
ipv6 enable
!
interface GigabitEthernet 1
ip address 2.2.2.2 255.255.255.0
ipv6 address autoconfig
ipv6 enable

!
ip default-gateway 10.44.129.1
!
ip host 2.2.2.2 guest guest.company.com

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Cisco Employee

Re: IP Host (Alias) in ISE

This is bit dated, but to close the loop on this.

1. Configure DNS to resolve your alias to anycast IP (2.2.2.2 > guest.company.com)

2. Configure Authz profile static redirection to host name instead of IP, IOW use guest.company.com

2 REPLIES 2
Beginner

Re: IP Host (Alias) in ISE

It's a test environment, right?
Try to replace your "2.2.2.2:port" (I assume you are talking about your attribute details when you mention 2.2.2.2 in your post) with "ip:port".
Highlighted
Cisco Employee

Re: IP Host (Alias) in ISE

This is bit dated, but to close the loop on this.

1. Configure DNS to resolve your alias to anycast IP (2.2.2.2 > guest.company.com)

2. Configure Authz profile static redirection to host name instead of IP, IOW use guest.company.com