Testing Environment

You should have the following in your LAB for pxGrid testing:

• VMware 5.5 ESX server

• At least 3 different VMs are required:

  • ISE 2.0 pxGrid node

  • Windows 2008 R2 CA Server for Microsoft AD, which will also contain DNS and NTP

Note: You will also need to set this up as a CA Server for testing CA-signed certificates.
- Windows PC client using 802.1X supplicant, Cisco AnyConnect NAM, or RADIUS simulator
Note: RADIUS simulator is used if no 802.1X environment is available.

• 802.1X environment: either Cisco Catalyst 3750-x, Cisco Catalyst 3560-x, or Cisco Catalyst 3850. Refer to the TrustSec compatibility matrix if testing the new ISE SXP functionality: Cisco TrustSec 5.0 Platform Support Matrix.
  Otherwise ensure your network access device is compatible with ISE; refer to Cisco Identity Services Engine Network Component Compatibility.

• pxGrid client: MAC or Linux client, Cisco Security Solution, 3^rd party pxGrid partner application

• ISE 2.0.0.306

• pxGrid SDK 1.0.2.32

Cisco Identity Service Engine (ISE 2.0) VM Setup

This covers the initial ESX server VM creation configurations:

• Linux 5 64-bit operating system

• Minimum OS hard drive size of 100 GBs

• 8 GBs RAM

• 2 network interface controllers (NIC), if 1 NIC is used as SXP listener

Note: Do not use the same VM network NIC for the PC client, since the PC client port will be configured for 802.1X configuration if an 802.1X environment is used.

Make sure your Active Directory (AD) domain is up and running before you configure ISE. The ISE setup configuration will require the host name, IP address, domain name, DNS and NTP server names.

ISE, pxGrid client, and PC client must be a fully qualified domain name (FQDN) resolvable.