Sunday 19 April 2015

Cisco TrustSec - ISE (Part 2) - AD Domain Install

                                             Cisco TrustSec – ISE (Part 2)

                 AD Domain Install

   

  1. AD Domain Install


     Switch initiation

SW1
ip routing
interface GigabitEthernet1/0/1 switchport access vlan 2 switchport mode access
!
interface GigabitEthernet1/0/2 switchport access vlan 2 switchport mode access
!
interface GigabitEthernet1/0/3 switchport access vlan 2 switchport mode access
!
interface GigabitEthernet1/0/4 switchport access vlan 2 switchport mode access
!

interface GigabitEthernet1/0/5 switchport mode trunk
!
interface GigabitEthernet1/0/6 switchport access vlan 20 switchport mode access
!
interface GigabitEthernet1/0/10 switchport access vlan 10 switchport mode access
!
interface GigabitEthernet1/0/24 switchport mode trunk
!
interface Vlan2
ip address 202.100.2.254 255.255.255.0
ip helper-address 202.100.1.168
!
interface Vlan10
ip address 202.100.1.254 255.255.255.0
!
interface Vlan20
ip address 202.100.20.254 255.255.255.0
!
ip http server
ip http secure-server
!
logging esm config
!
line con 0
logging synchronous line vty 0 4
login
line vty 5 15 login
!
end SW2


Install W2K8 R2 AD Domain







Click Active Directory Domain Services

Run AD Domain Services wizard







4.2.1    Add new Object Unit





Create User Group:isegroup

Add Group to domain admin


Create User: iseuser



Place Computer into ISE  OU and  isegroup Group;

On W2K8 R2 install DHCP server



Add New Role


Choose NIC ;




      1. Test Win7-1 DHCP



4.4.2    ISE Join Domain





Test Connectivity between ISE  and Domain server;

Join Domain


User administrator account when ISE joins domain



Will see ISE-1

4.4.3    Add Domain Group to  ISE



Choose group

4.4.3.1 Add User attributes
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)