Cisco TrustSec – ISE (Part1)
Installation and Upgrading
1.1.1 ISE Authentication
ISE authentication consists of four components:
(1) Name (Yellow)
- Condition (Blue)
- Allow Protocol (Red)
- Identity Source (Green)
1.1.2 ISE Authorization
ISE Authorization consists of four components:
(5) Name (Yellow)
- Identity Group (Green)
- Conditions (Blue)
- Permissions(Red)
2. Lab Environment
Topology
Hardware 
WS-C2960S-24PS-L
|
1
|
AIR-CT5508-12-K9
|
1
|
AIR-CAP3502I-C-K9
|
1
|
CP-6921-C-K9
|
1
|
GLC-T
|
1
|
Cables
|
multiple
|
Apple MacBook Air
|
1
|
Apple iPhone4
|
1
|
Android HTC One
|
1
|
Vmware Host dual NIC
|
1
|
Install & Upgrade ISE
Install ISE3.1.1 Create VM
3.1.2 Select Version
PS:choose Redhat 5 32 bits
3.1.4 Choose ISE Number of Processors
PS:two CPUs minimum
3.1.5 Configure ISE the amount of memory
3.1.6 Specify ISE disk size
PS:minimum 200G suggested
PS:ISE has only one port to be administration,and rest of ports cannot be administration
3.1.8 Turn on power
Choose 1,to install the OS
PS:At this moment, the OS is being installed;
3.1.9 Install ISE
Type setup to begin
PS1:it’s better off that make sure the ip address at this moment, because if change ip address settings later on, it has to be restart services.
PS2:the reason place two DNS server:
(1) First DNS points to AD server;
(2) Second DNS points to internet ,because ISE has to download libraries from cisco;
(10) Setup database password
3.1.10 Check ISE services status
Login to ISE via SSH,and type show application status ise to check if services are enabled.
PS Before ISE Application Server is running, login to ISE Web
ISE Upgrade & PathISE Upgrade
Since we installed 1.1.4.218, newer version is not coming out, so skip ;
ISE Path(patch)
Load to CD ROM
PS:Patch file shows .gz,you have to convert into ISO and load into VM;(Obviously, you also can upload it into ISE, but I thought ISO would be convenient )
PS:it takes about 15 minutes,and it will reboot itself afterwards.
Check all patches;
No comments:
Post a Comment