Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
580
Views
1
Helpful
5
Replies

ISE configuration in WLC migration

ppnlr
Level 1
Level 1

‎09-19-2023 12:53 AM

We are migrating wlc from aireos to 9800 existing wlc is integrated in ISE for 802.1x authentication. inorder to take the ise configuration for wlan in the new wlc, our idea is to add the IP of new wlc in the network device group> all wlc since policies is pointing on this device group. Just want to know if this correct or there are other config that needs to be done.

Labels:
0 Helpful
5 Replies 5

marce1000
VIP
VIP

‎09-19-2023 02:28 AM

 

 - Will probably work ; concerning >....are other config that needs to be done. ; review this documentation :
             https://community.cisco.com/t5/security-knowledge-base/ise-and-catalyst-9800-series-integration-guide/ta-p/3753060

 M.
                  



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

ppnlr
Level 1
Level 1
In response to marce1000

‎09-22-2023 06:58 AM

would like to verify if that would work and no problem would be encounter on the old wlc since it should work parallel first during migration.

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame

‎09-19-2023 07:23 AM

Cat 9800 you need to create AAA

Configuration --> Security --> AAA  (in the Services Radius)

Add ISE Server you have and if you like to Group them  Server Group and create new and add multiple ISE in to that)

configuration --> tags & Profiles --> WLAN (select SSID Profle) Security --AAA Select the List fom the Server group you created

on the ISE Add WLC NAD IP  and Also how you would like to authenticate users.

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

ppnlr
Level 1
Level 1
In response to balaji.bandi

‎09-22-2023 07:01 AM

done on the config in wlc side. question is about how can the new wlc adapt the policies of the old wlc in ise. it would be good if adding the new wlc in network device group will work. hehe

0 Helpful

ammahend
VIP
VIP
In response to ppnlr

‎09-22-2023 08:30 AM - edited ‎09-22-2023 08:35 AM

ISE policy decision is based on condition match, not necessarily the authenticator appliance, Just make sure your ACL list, ACL names, Custom radius timer etc are replicated to new WLC properly.

-hope this helps-
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card