12-20-2018 11:52 AM - edited 07-05-2021 09:37 AM
In larger enterprise wireless deployments is there a way to load balance authentication requests that are sent on a specific SSID to an ISE node? At the moment you can manually do it per SSID, or per WLC, sending to different primary and secondary nodes. Is there a way to have the requests on a single SSID properly load balance across multiple ISE nodes?
12-20-2018 11:59 AM
There is a way but using a load-balancer. I have deployed a solution using F5 LB.
12-20-2018 05:57 PM
The ISE Community has done an excellent job in documenting how this can be done for F5, Citrix and ACE.
Have a look here.
I have experience with the F5 load balancer solution and I will say that doing this comes with great responsibility and knowing what you're doing. The Cisco/F5 document goes into great length about which flows can be load balanced and how. Session persistence is a big deal especially with web portals.
I also played around with a poor man's load balancer using nginx - it's not bad for simple stuff. And it's free.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: