DOT1.X remote sites

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-08-2017 11:42 AM - edited 03-11-2019 12:31 AM
Dears,
I have a site to site vpn between the HQ and remote sites, in HQ ISE is running 802.1X perfect now the requirement is to enable 802.1X on remote sites users desktops, i have added remote site switch in the ISE but not the firewall but things are not working for me when i test the switch by aaa command it shows me no authoritative servers are available, i.e means packets are not reaching to the server and somewhere getting drops, i have also enabled radius ports on the vpn traffic.
Is there any specific setting has to be enabled on the firewall to pass dot1.X packets.
Thanks
- Labels:
-
AAA

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-09-2017 07:26 AM
Dears,
Anybody can help me with the above configuration.
thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-09-2017 09:08 AM
Please check the below link and make sure these ports are open
http://www.cisco.com/c/en/us/td/docs/security/ise/2-0/installation_guide/b_ise_InstallationGuide20/Cisco_SNS_3400_Series_Appliance_Ports_Reference.html

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-09-2017 02:29 PM
Dear Ravi,
I only want to do 802.1X, so for that which ports i have to open, as it seem there is no ports except the radius server port 1645,1646,1845,1846.
thanks

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-12-2017 12:16 AM
Dear,
i have enabled all the ports by permit ip any any but still it didnt worked for me, so please confirm to me that there is no special configuration on asa vpn for the EAP packets to pass from VPN.
Thanks
