Security

Reply

ClearPass - AD Sites and Services

We have several CPPMs in a cluster, with one CPPM server at each campus we have.  In order to make sure that authentications at each location stay local, I setup services for each location with authentication sources that are local to each.  I'm working with a contractor that has deployed Cisco ISE, and he asked why I setup CPPM with services for each location.  I mentioned that I wanted to be sure that authentications happened locally, rather than going across our WAN network.  He mentioned that ISE works with MS Sites and Services to determine which AD servers belong to a subnet, so that each independant ISE server can select the closest AD server for authentication.  That way you don't have to create multiple services which local authentication sources like I did.  Is this supported in CPPM?

=======================================
If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users.

Re: ClearPass - AD Sites and Services

I was told by an ClearPass engineer that the CP server will be served the DNS record for the closest domain controllers if AD Sites and Services is setup with site subnets.

=======================================
If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: