cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Cisco dCloud ISE Sandbox or Secure Access Wizard demos - Testing and Verification

270
Views
5
Helpful
0
Comments

In dCloud we have the ISE Sandbox. It is provided as a quick opportunity on the new OS with minimal support. It comes with no documentation. The following document can be used with the ISE Sandbox as a basic flow and validation of ISE with a wireless controller.

All our demos are available under http://cs.co/selling-ise-demos

Like most other ISE dcloud demos it includes no provided virtual clients. You have to bring your own AP/Endpoint Router kit and wireless clients. Please see other demos and their respective guides about connecting your own.

 

For more information on getting started with your AP or demo check out the documents listed here

Basic testing completed with the following steps

Configured minimal settings for basic dot1x and tested connectivity. If you’d like to continue please reference existing how to guides:

ISE Guest Access Prescriptive Deployment Guide

Cisco ISE BYOD Prescriptive Deployment Guide

 

Configure ISE

Connect to the ISE UI

  1. Access WKST1 of your dCloud demo using the WebRDP of your session.
  2. Launch firefox and using the bookmark for ISE.
  3. Login to ISE (credentials are cached as admin/C1sco12345)

Add Active Directory Join Point AD1

  1. Navigate to Administration > Identity Management > External Identity Sources  > Active Directory
  2. Added join point name AD1 with domain dcloud.cisco.com
  3. Joined domain administrator/C1sco12345
  4. Click Submit

Added WLC to ISE

  1. Navigate to Administration > Network Resources > Network Devices
  2. Add network device with following info:
    • Name: WLC1
    • IP: 198.19.11.10
    • RADIUS Authentication Settings Enabled  with Shared Secret C1sco12345
  3. Click Submit

 

Configure WLC

Open WLC UI

  1. Using Firefox open bookmark for WLC and login with cached credentials (otherwise use your session username and password from dCloud details page)

Configure AAA servers

Note: There is already a server, leave that, its for setting up automation credentials for usage to GUI Login (dcloud user/pass)

  1. Click Advanced
  2. Go to Security > AAA > RADIUS > Authentication, click to create New entry
  3. Add in ISE with the following and applying it
    • Server IP Address: 198.18.133.27
    • Shared secret C1sco12345
  4. Click Apply
  5. Create accounting server with same as above

 

Create Wireless network

  1. Click WLANs 
  2. Create new WLAN with the following info:
  3. WLAN create new GO
    • Profile Name: dcloud-internal
    • SSID  dcloud-internal-xxxx (something unique so you don’t collide with others using dcloud ISE demos)
    • Click Apply
  4. Under general tab
    • set status to enabled
    • choose Interface > guest
  5. Click Security > AAA servers and choose 198.18.133.27 for both
  6. Advanced Tab > uncheck flexconnect local switching (scroll down halfway)
  7. Click Apply
  8. In the upper right click Save configuration

 

That’s all you need to do a basic setup test!

 

Test a client

  1. On your device connect to dcloud-internal-xxx
  2. Enter credentials as employee/C1sco12345
  3. Connected! Browse to internet. Success!
  4. On ISE navigate to Operations > Radius Livelog and look at your entries

 

That’s all included with our basic connectivity test!