Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
538
Views
0
Helpful
4
Replies

DOT1.X remote sites

adamgibs7
Level 6
Level 6

ā€Ž03-08-2017 11:42 AM - edited ā€Ž03-11-2019 12:31 AM

Dears,

I have a site to site vpn between the HQ and remote sites, in HQ ISE is running 802.1X perfect now the requirement is to enable 802.1X on remote sites users desktops, i have added remote site switch in the ISE but not the firewall but things are not working for me when i test the switch by aaa command it shows me no authoritative servers are available, i.e means packets are not reaching to the server and somewhere getting drops, i have also enabled radius ports on the vpn traffic. 

Is there any specific setting has to be enabled on the firewall to pass dot1.X packets.

Thanks

Labels:
0 Helpful
4 Replies 4

adamgibs7
Level 6
Level 6

ā€Ž03-09-2017 07:26 AM

Dears,

Anybody can help me with the above configuration.

thanks

0 Helpful

Ravi Singh
Level 7
Level 7

ā€Ž03-09-2017 09:08 AM

Please check the below link and make sure these ports are open

http://www.cisco.com/c/en/us/td/docs/security/ise/2-0/installation_guide/b_ise_InstallationGuide20/Cisco_SNS_3400_Series_Appliance_Ports_Reference.html

0 Helpful

adamgibs7
Level 6
Level 6
In response to Ravi Singh

ā€Ž03-09-2017 02:29 PM

Dear Ravi,

I only want to do 802.1X, so for that which ports i have to open, as it seem there is no ports except the radius server port 1645,1646,1845,1846.

thanks

0 Helpful

adamgibs7
Level 6
Level 6
In response to adamgibs7

ā€Ž03-12-2017 12:16 AM

Dear,

i have enabled all the ports by permit ip any any but still it didnt worked for me, so please confirm to me that there is no special configuration on asa vpn  for the EAP packets to pass from VPN.

Thanks

0 Helpful
Customers Also Viewed These Support Documents