Load Balancing Cisco Identity Services Engine (ISE)

0

Configuration has yet to be fully verified, Kemp Support will gladly assist if your Cisco ISE traffic is not flowing as expected.

 

1   Introduction

Cisco Identity Services Engine (ISE) is a network administration product that enables the creation and enforcement of security and access policies for endpoint devices connected to the company's routers and switches. The purpose is to simplify identity management across diverse devices and applications.

 

1.2  Document Purpose

This section details a configuration for a specific application that has been provided by a customer but has yet to be fully tested.

The purpose of this document is to give readers an overview on the recommended best practice settings when configuring the Cisco ISE components for load balancing.

Configuration has yet to be fully verified, but Kemp Support will gladly assist if Cisco ISE is not flowing as expected.

 

2  Configuration Required

One Virtual Service required on port 443.

 2.1 Global Configuration  

     >No Changes Required

 

2.2  Virtual Service Configuration:

 

2.3   Cisco ISE

      > New Virtual Service

      > Enter IP Address

      > Port = 443

      > Name = Cisco ISE     

> Add New Virtual Service


 2.4    Standard Options   

      > Disable Transparency

      > Subnet Originating Request = Enable

      >  Persistence = Source IP 

      >  Persistence Time = 30min  

      > Scheduling Method = Least Connection

      >  Idle Connection Timeout = 660  (Default)


 
   2.5   Real Servers

      > Add New 

      > Enter IP Address

      > Port = 443

      > Checker Parameter Type = HTTPS 

 





If you have successfully Load Balanced your Cisco ISE environment by implementing this specific configuration, please give a thumbs up or please leave a comment on a possible alteration that was required to make it function. Thank you

0 comments