Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
702
Views
0
Helpful
2
Replies

Authenticate from NAT outside endpoint

Go to solution
azhakama
Cisco Employee
Cisco Employee

‎09-15-2017 06:52 AM

I want to confirm if it is possible to authenticate from NAT inside endpoints but also from outside endpoints(which have Global IP address).

It seems to work if ISE is Static NATed, but is it supported structure?

                                                                          Outside<- | ->Inside

Global IP address endpoints --- GW(Global IP)-----| NAT Router |---- ISE(Static NATed) |----- Private IP address endpoints(PATed)

1 person had this problem
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎09-15-2017 07:40 AM

NNot officially tested but has been working for years

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎09-15-2017 07:40 AM

NNot officially tested but has been working for years

0 Helpful

Go to solution
azhakama
Cisco Employee
Cisco Employee

‎09-18-2017 07:34 AM

Thank you for the reply. Could you kindly tell me what type of authentication is used ?

My customer's environment is going to be MAB, Web Auth, dot1x mixed. These are on Wired and Wireless.

And in the future, they are planning to use Dynamic VLAN, Downloadable ACL or Trustsec.

It still seems working fine when ISE is Static NATed, however, please let me know if there is any known issue.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers
Spotlight Award Nomination
Customers Also Viewed These Support Documents