NOTE: This document is old as it utilizes older version of ISE and pxGrid that are either EOS or being removed from the product. As of ISE 2.4 we develop pxGrid 2.0. In ISE 3.1 pxGrid 1.0 is removed, please work with vendor for latest documentation. We will use this as older reference but maybe removed in the future.
This document is for Cisco engineers and customers who are planning to integrate Infoblox NIOS and Cisco Identity Service Engine (ISE) 2.1 using Cisco Platform Exchange Grid (pxGrid). Infoblox NIOS version 7.3.6 software was used for both the virtual Grid Master and Network Discovery (ND) member.
This document includes:
Configuring Infoblox and the ISE pxGrid node for both Self-signed and CA-signed certificates
Configuring the Infoblox Grid Master (GM) and Infoblox Network Discovery (ND) member
Configuring DHCP and DNS services on the Infoblox GM
Configuring Infoblox ISE Ecosystem parameters and connecting to the ISE pxGrid node
Creating Infoblox DHCP and IPAM notifications for publishing Dynamic Topic information
Creating Infoblox RPZ notifications to send blocked DNS responses to the ISE pxGrid
Creating ISE EPS Quarantine Authorization policy
Populating Infoblox IPAM table with pxGrid session information
Quarantining an endpoint due to an Infoblox RPZ violation
The reader will observe and become familiar with the ISE user session information that will populate the IPAM table for more contextual information around IP events. Additionally, a RPZ (Response Policy Zone) will be created for blocking www.yahoo.com , with the results the of the endpoint being quarantined.
I have a problem where I am getting failed authentication using a One Time Password. I need the AnyConnect window to display username, password, and "Enter MFA Passcode". The user will enter their username, password and a six digit PIN from their MFA appl...
Hi team,I can´t make that access-lists works with FQDN.when i do show access-list the output show (unresolved) any (inactive) ASA CODE is Cisco Adaptive Security Appliance Software Version 9.12(4)38here is the configacl,asa,fqdnasa dn...
I have a requirement where i need to deploy 50 rows in an excel on FTD devices added in an FMC..is there any way i can do this via FMC-API or a script ? i am not very versed with FMC-API and it is very troublesome to create large no. of rules in an FMC&nb...
Hello, Since upgrading to AnyConnect 4.10.05095 we've found that our Windows clients no longer report device information as part of the SAML sign-in process which causes them to fail Conditional Access policies that require a domain-joined or In...
I have deployed the ISO for an on premise sensor running 5.1.1 in VMware. I have set a proxy variable in /opt/obsrvbl-ona/config.local same as the older 4.3 sensor. The new install wont connect to the cloud portal and I can see in Splunk that it is ...