Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ISE Guest portal digital public certificate with dual deployment

I have a deployment of ISe which has a primary and secondary node.  We are using ISE for Guest web access and it's Guest portal functionality.

I have installed a public VeriSign certificate onto the primary node so that guest users don't certificate errors when they get redirected to the guest portal.

We have a DNS server with an entty for the guest portal URL e.g. guest.company.com with the IP adresses of both ISE servers.

When users are loggin onto the guest wireless it is pot luck whether or not they get the primary ISE node because of the DNS round robin of the ISE IP addresses.

Is there anyway to make the secondary ISE node use the Verisign certificate as well or do I need to buy another certificate which is linked to the secondary ISE nodes FQDN?

(the certificate I have currently has a CN of the FQDN of the primary ISE server with subject alternative names of the secondary ISE node and the guest web redirect URL).

Any help would very much be appreciated.

thanks

Craig

1 REPLY
New Member

ISE Guest portal digital public certificate with dual deployment

Hi Craig,

Please check the below link with a similar prob,  might help.

https://supportforums.cisco.com/thread/2161878

1276
Views
0
Helpful
1
Replies
CreatePlease to create content