09-15-2017 06:52 AM
I want to confirm if it is possible to authenticate from NAT inside endpoints but also from outside endpoints(which have Global IP address).
It seems to work if ISE is Static NATed, but is it supported structure?
Outside<- | ->Inside
Global IP address endpoints --- GW(Global IP)-----| NAT Router |---- ISE(Static NATed) |----- Private IP address endpoints(PATed)
Solved! Go to Solution.
09-15-2017 07:40 AM
NNot officially tested but has been working for years
09-15-2017 07:40 AM
NNot officially tested but has been working for years
09-18-2017 07:34 AM
Thank you for the reply. Could you kindly tell me what type of authentication is used ?
My customer's environment is going to be MAB, Web Auth, dot1x mixed. These are on Wired and Wireless.
And in the future, they are planning to use Dynamic VLAN, Downloadable ACL or Trustsec.
It still seems working fine when ISE is Static NATed, however, please let me know if there is any known issue.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide