cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1233
Views
10
Helpful
1
Replies

ISE ports used

jack samuel
Level 1
Level 1

Dear

Please find the attached port list diagram as given by cisco, I am configuring ISE only for dot1x of wireless users and sponsor guest portal,

I am confused for the port list shown for the Endpoint, NAD

 Endpoint  : Discovery TCP 8443 ,8905 what is this discovery used for client ??

                    PRA/KA ---what is PRA ?? KA stand for keepalive 

NAD:   SPAN TCP 80,8080  ---> what is this SPAN is it useful to allow this ports in my configuration

thanks

1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

Hi,

Endpoint Discovery on 8443 and 8905 - used to discover the ISE server when providing posture services 

PRA/KA = passive reassessment and keepalive. Used only with posture services.

NAD SPAN (switch port analyzer) used to send all client http traffic from the switch or WLC (NAD) to the ISE PSN for use in profiling.

As one would expect, if posture service is not being used, then you can ignore the first two. If you are not profiling based on SPAN then you can ignore the third one.