Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
346
Views
4
Helpful
1
Replies

Different Vlans and interfaces to Management and Production

albarito17
Level 1
Level 1

ā€Ž02-28-2014 08:36 AM - edited ā€Ž03-10-2019 09:28 PM

Hi.

I am trying to configure an ISE with one interface in  the management vlan (just the admins will have access to this vlan, this  Vlan is not routed on our network) and other interface in the production vlan where the ISE will works and wveryone else will have to reach (guest portal, sponsor portal, etc...)

I read the management interface must to be the Giga 0.

ĀæCan anyone help me? It is my fist ISE so I am a bit lost.

Thanxs.

Labels:
0 Helpful
1 Reply 1

nspasov
Cisco Employee
Cisco Employee

ā€Ž02-28-2014 01:44 PM

You can put G0 on the management VLAN that you are referring to. However, if you are using the guest portal/services then you need to dedicate an interface for that as well. You do that from "Administration > Web Portal Management ? Settings > General > Ports"

If you don't want to deal with this then you can put ISE on a general VLAN that is different than the management one that you are using and then restrict access to the management via:

"Administration > Admin Access > Settings > Access > IP Access" there you can define the IPs from which management is allowed. Perhaps there you can set your management subnet.

Hope this helps!

Thank you for rating helpful comments!

Customers Also Viewed These Support Documents