SXP Publishing

ISE 2.0 provides a SXP connection listener. pxGrid provides the ability for ISE to publish the SXP connection information such as IP address, SGT-Tag, Source and Peer sequences.

The ISE sample scripts sxp_download and sxp_subscribe scripts can be used to obtain this information.

In this example, a Cisco Catalyst 3750x and ASA 5505 were used for the initial tests. The TrustSec configuration of these devices can been found in the Reference section. Note that the reader must be familiar with Cisco's TrustSec solution.

Before configuring the SXP binding settings, verify CTS is configured properly on SXP enabled devices. Verify the proper #CTS requests# are seen in the Authorization Policies.

Verify CTS is configured properly for SXP enabled devices

Follow the TrustSec Overview to go over the procedures.

Also, enable the SXP service port under Administration > Deployment and select node.