Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
482
Views
0
Helpful
1
Replies

PSN behind ASA fw

pmlam3274
Level 1
Level 1

‎06-30-2015 07:25 PM - edited ‎03-10-2019 10:52 PM

Having some problem getting the switch to authenticate with dot1x.  Currently we have a PSN behind a cisco Asa fw and the switch IP address is statically nat to an outside IP address.  All port are open both inside and outside (testing purpose).  Does anyone know if the nat translation of an NAS ip address have any affect how ise process the information from the switch?  

Labels:
0 Helpful
1 Reply 1

nspasov
Cisco Employee
Cisco Employee

‎07-01-2015 10:29 AM

Please reference the link below that shows all of the ports used by Cisco ISE. 

http://www.cisco.com/c/en/us/td/docs/security/ise/1-4/installation_guide/b_ise_InstallationGuide14/b_ise_InstallationGuide14_appendix_01010.html

As far as NAT: make sure that your DNS is set up properly to ensure that the ISE serves resolve correctly as that becomes important for users/endpoints being redirected to ISE for guest, posture and client-provisioning. 

I hope this helps!

 

Thank you for rating helpful posts!

0 Helpful
Customers Also Viewed These Support Documents