01-16-2014 12:06 AM - edited 02-21-2020 10:28 AM
Hi dears,
i want vpn cleint authenticate from ISE server. In ISE server external identity source is Active directory. I configurate vpn client in ASA.
I read and understand that i must configurate Inline Posture node in ISE.
I confuse something.
1. Must i need a license for inline posture?
2. how is it work?
3. have the other deployment for vpn client authenticate from ISE?
Thanks.
01-22-2014 08:20 PM
IPN is a physical ISE device. It does not work in a VM.
Licenses are centrally managed by the Administration node. Inline Posture and Policy Service nodes do not require separate licenses. If you have two Administration nodes deployed in a high-availability pair, you can obtain a license based on the hardware IDs of both the primary and secondary Administration nodes. After you obtain the license, add it only to the primary Administration node. The license gets replicated to the secondary Administration node.
http://www.cisco.com/en/US/docs/security/ise/1.2/installation_guide/ise_deploy.html#wp1151546
Regards,
Brandon
01-29-2014 04:47 PM
Hello Teymur,
Following link might be helpful.
http://www.cisco.com/en/US/products/ps11640/products_configuration_example09186a0080bea904.shtml
02-09-2014 11:44 PM
Thank you very much to reply me.
I have one question. The Cisco ISE physically connect to Core SW(Cisco catalyst 6513-Ein vss).
All access switches connected to core sw. I want to wired and wireless users authenticated form ISE server with 802.1x authentication protocols.
My users and access pint connect to access switch.
I must confiure 802.1x in access switch. Do i need do any configuration 802.1x in CORE sw?
Thanks.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide