In dCloud we have the ISE Sandbox. It is provided as a quick opportunity on the new OS with minimal support. It comes with no documentation. The following document can be used with the ISE Sandbox as a basic flow and validation of ISE with a wireless controller.
All our demos are available under http://cs.co/selling-ise-demos
Like most other ISE dcloud demos it includes no provided virtual clients. You have to bring your own AP/Endpoint Router kit and wireless clients. Please see other demos and their respective guides about connecting your own.
For more information on getting started with your AP or demo check out the documents listed here
Basic testing completed with the following steps
Configured minimal settings for basic dot1x and tested connectivity. If you’d like to continue please reference existing how to guides:
ISE Guest Access Prescriptive Deployment Guide
Cisco ISE BYOD Prescriptive Deployment Guide
Configure ISE
Connect to the ISE UI
- Access WKST1 of your dCloud demo using the WebRDP of your session.
- Launch firefox and using the bookmark for ISE.
- Login to ISE (credentials are cached as admin/C1sco12345)
Update profiler and posture feeds
The ISE Sandbox doesn’t have automation to update the Profiler & Posture feed services that include information (such as OS version and MAC OUI) needed to perform these services. We will work this into further release automation. This would cause problems with new versions of Apple Devices for example just recently apple came out with the iPadOS. Or when Apple comes out with new hardware OUI (MAC vendor listing needs to be updated).
The following steps will help you update the feeds. These take about 15 min each but they can be done in parallel.
Update profiler feed
- Navigate to Work Centers > Profiler > Feeds
- Click Test Feed Server Connection and after success, Click Update Now
Note: You can move to posture feed update and then validate after 15 min or so that the feed is updated.
Update posture feed
- Navigate to Administration > System > Settings > Posture > Updates
- Click Update Now
Note: This may take 15 min or so. You can wait until this is done then go back to Profiler feed status check.
Add Active Directory Join Point AD1
- Navigate to Administration > Identity Management > External Identity Sources > Active Directory
- Added join point name AD1 with domain dcloud.cisco.com
- Joined domain administrator/C1sco12345
- Click Submit
Added WLC to ISE
- Navigate to Administration > Network Resources > Network Devices
- Add network device with following info:
- Name: WLC1
- IP: 198.19.11.10
- RADIUS Authentication Settings Enabled with Shared Secret C1sco12345
- Click Submit
Configure WLC
Open WLC UI
- Using Firefox open bookmark for WLC and login with cached credentials (otherwise use your session username and password from dCloud details page)
Configure AAA servers
Note: There is already a server, leave that, its for setting up automation credentials for usage to GUI Login (dcloud user/pass)
- Click Advanced
- Go to Security > AAA > RADIUS > Authentication, click to create New entry
- Add in ISE with the following and applying it
- Server IP Address: 198.18.133.27
- Shared secret C1sco12345
- Click Apply
- Create accounting server with same as above
Create Wireless network
- Click WLANs
- Create new WLAN with the following info:
- WLAN create new GO
- Profile Name: dcloud-internal
- SSID dcloud-internal-xxxx (something unique so you don’t collide with others using dcloud ISE demos)
- Click Apply
- Under general tab
- set status to enabled
- choose Interface > guest
- Click Security > AAA servers and choose 198.18.133.27 for both
- Advanced Tab > uncheck flexconnect local switching (scroll down halfway)
- Click Apply
- In the upper right click Save configuration
That’s all you need to do a basic setup test!
Test a client
- On your device connect to dcloud-internal-xxx
- Enter credentials as employee/C1sco12345
- Connected! Browse to internet. Success!
- On ISE navigate to Operations > Radius Livelog and look at your entries
That’s all included with our basic connectivity test!