04-09-2019 02:00 PM - edited 04-09-2019 02:02 PM
Hello All,
Is it possible to the NADs to do tacacs authentication behind a NAT HIDE?
I have several devices in a site in old fashion way IP addressing out of RFC1918 and it must use NAT. It will use a single IP to arrive in datacenter.
Soon I'll arrange it.
Someone know if it could working fine?
Kind Regards,
Solved! Go to Solution.
04-09-2019 08:31 PM
NAT IP address can be configured as a NAD in ISE. But in your scenario you have multiple devices NATTED with Single IP. If you have multiple vendor device operating on your environment then the authorization profile will get collapsed. Single authorization policy will be applicable for those devices.
If you have single vendor you can configure the NAT IP as NAD in ISE and create authorization profile accordingly.
Note: Based on the concept, Not tested any where.
04-09-2019 08:31 PM
NAT IP address can be configured as a NAD in ISE. But in your scenario you have multiple devices NATTED with Single IP. If you have multiple vendor device operating on your environment then the authorization profile will get collapsed. Single authorization policy will be applicable for those devices.
If you have single vendor you can configure the NAT IP as NAD in ISE and create authorization profile accordingly.
Note: Based on the concept, Not tested any where.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide