ā05-27-2017 01:28 AM
Hi All
I am little confused on the port number 8905 for ISE communication, can you help me
Regards
Nikhil
Solved! Go to Solution.
ā05-28-2017 05:22 PM
Yes, if you setup a wired sniffer on the PC, you should be able to see the attempts to TCP/8905 encrypted by the ISE PSN admin certificates.
ISE 2.2 along with AC 4.4 and CM 4.2 have the option to use the "Call Home List" in the AnyConnect ISE posture module/agent profile and to specify the client provisioning portal port(s) instead of 8905.
ā05-27-2017 08:49 AM
HTTPS over TCP/8905. SWISS is no longer used in ISE since 1.3. Port 80 is only used for the initial redirect to PSN at which time communication is redirected to 8443 and then to 8905. If current guides reference SWISS, then please provide link and we will get updated.
Craig
ā05-27-2017 09:41 AM
Hi Craig,
Thanks for the reply, I still see the SWISS ports in the below link
If the communication on TCP/8905 in HTTPS if I sniff the packet in the PC, can I see the port 8905
Regards
Nikhil
ā05-28-2017 05:22 PM
Yes, if you setup a wired sniffer on the PC, you should be able to see the attempts to TCP/8905 encrypted by the ISE PSN admin certificates.
ISE 2.2 along with AC 4.4 and CM 4.2 have the option to use the "Call Home List" in the AnyConnect ISE posture module/agent profile and to specify the client provisioning portal port(s) instead of 8905.
ā05-31-2017 03:25 AM
Thanks for the replies.. In my setup I can see the ISE showing the posture status as a compliant & client gets the CoA, but I don't see any traffic on port 8905. All I can see is traffic on port 8443. I can also see the client getting my Posture conditions in the scan summary, client validating the posture conditions & moving to posture compliant state.
However no traffic on port 8905, how can I ensure the working is correct
Regards
Nikhil
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide