Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cisco ISE NFR - Is Services NFR image pre-configured??

Dear,

We have received the ISE NFR kit. With the kit, we have received the ISE-NFR Image, Services NFR Image and NFR Configuration Guide (comprising of dhcp.conf, ISE Config Guide, ISE NFR configs (ASA, Switch Config)).

I went through the Configuration guide, and it gives the initial setup of VMware ISE Setup and Services NFR Setup.

As per the configuration guide, Services NFR is Linux machine with pre-configured services including DHCP, DNS, NTP, HTTP, OPEN LDAP and CA., I would like to know how to use the Services NFR with ISE NFR without using additional Active Directory Setup?

I have the COLD Lab guides for Cisco ISE, but I cannot use those guides with ISE-NFR because it requires the additional Active Directory for user creation and testing, and CA Setup.

I would like to know if there are any guides or scenarios to work with ISE-NFR and Services NFR.

Thank you in advance.

Best Regards,

Everyone's tags (1)
2 REPLIES
Cisco Employee

Yes, the Services NFR machine

Yes, the Services NFR machine is pre-configured.  OpenLDAP and CA are already running.

 

You can verify this by opening the Terminal and going to su mode.

OPEN LDAP:

Command: systemctl status dirsrv.service

Output: [root@magicserver ~]# systemctl status dirsrv.service
dirsrv.service - SYSV: 389 Directory Server
Loaded: loaded (/etc/rc.d/init.d/dirsrv)
Active: active (running) since Fri, 06 Sep 2013 10:58:10 -0700; 6 days ago
Process: 1174 ExecStart=/etc/rc.d/init.d/dirsrv start (code=exited, status=0/SUCCESS)
CGroup: name=systemd:/system/dirsrv.service
â 1190 /usr/sbin/ns-slapd -D /etc/dirsrv/slapd-magicserve...


CA:

Command: systemctl status pki-cad.service

Output: [root@magicserver ~]# systemctl status pki-cad.service
pki-cad.service - SYSV: Certificate Authority (Tomcat 6.0)
Loaded: loaded (/etc/rc.d/init.d/pki-cad)
Active: active (running) since Fri, 06 Sep 2013 10:58:32 -0700; 6 days ago
Process: 1439 ExecStart=/etc/rc.d/init.d/pki-cad start (code=exited, status=0/SUCCESS)
CGroup: name=systemd:/system/pki-cad.service
â 1511 /usr/lib/jvm/jre/bin/java -classpath :/usr/share/t...

Now, adding users and configuring accounts is FAR more involved.  I suggest you start here:

https://www.google.com/#q=adding+users+in+openldap&safe=off

Similar for the CA:

https://www.google.com/#q=generating+certificate+linux+ca&safe=off

 

I hope this helps

Please Rate Helpful posts and mark this question as answered if, in fact, this does answer your question.  Otherwise, feel free to post follow-up questions.

Charles Moreton

Can you share with me the

Can you share with me the configuration guides?

510
Views
5
Helpful
2
Replies
CreatePlease login to create content