Phase 2: Installation & Setup Wizard

Phase 2: ISE Installation & Setup Wizard

Setting Value

Setting	Value
Hostname	`ise-01` (or `ise-02` when rotating back)
DNS Domain	`inside.domusdigitalis.dev`
IP Address	`10.50.1.20` (ise-01) or `10.50.1.21` (ise-02)
Netmask	`255.255.255.0`
Gateway	`10.50.1.1` (VyOS VRRP VIP)
Primary DNS	`10.50.1.90` (bind-01)
Secondary DNS	`10.50.1.91` (bind-02)
NTP	`10.50.1.1` (VyOS VIP — verify upstream is configured)
Timezone	`US/Pacific`
SSH	`Y`
Username	`admin`
Password	`gopass show -o v3/domains/d000/identity/ise/ise-01/admin`

Hostname

ise-01 (or ise-02 when rotating back)

DNS Domain

inside.domusdigitalis.dev

IP Address

10.50.1.20 (ise-01) or 10.50.1.21 (ise-02)

Netmask

255.255.255.0

Gateway

10.50.1.1 (VyOS VRRP VIP)

Primary DNS

10.50.1.90 (bind-01)

Secondary DNS

10.50.1.91 (bind-02)

NTP

10.50.1.1 (VyOS VIP — verify upstream is configured)

Timezone

US/Pacific

SSH

Y

Username

admin

Password

gopass show -o v3/domains/d000/identity/ise/ise-01/admin

If NTP sync fails, VyOS may not have an upstream NTP source. Fix from VyOS:

# On vyos-01 (and vyos-02)
configure
set service ntp server pool.ntp.org
commit
save
exit

If VyOS NTP still isn’t synced, use pool.ntp.org directly in the wizard and change back after install:

# On ISE CLI after install
configure terminal
ntp server 10.50.1.1
exit

Connect via console or SSH:

sudo virsh console ise-01
# Or after network is up:
ssh admin@10.50.1.20

Monitor:

show application status ise

All critical services must show running:

SETroubleshoot daemon failed — cosmetic, ISE’s hardened RHEL base
awk: fatal: cannot open platform.properties-active — normal during initial boot
BadPaddingException — transient during first service startup