Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2698
Views
10
Helpful
1
Replies

Radius for clients behind NAT

Go to solution
SMD28316
Level 1
Level 1

‎01-01-2022 01:44 PM

I'm tasting Dot1X / Posture / General RADIUS in my lab, and I want to have some clients with a private VLAN behind NAT, are there any considerations to keep in mind when I use ISE as the radius server?

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Damien Miller
VIP Alumni
VIP Alumni

‎01-03-2022 07:18 PM

There is nothing really specific required to handle clients behind NAT, but the profiling information ISE has for these clients may be off or partial. As long as the radius authentication being sent from the network device itself isn't natted, then you will handle it like regular endpoint authentication. 

If the switch communicating with ISE is behind nat, then it's a whole different can of worms. 

View solution in original post

1 Reply 1

Go to solution
Damien Miller
VIP Alumni
VIP Alumni

‎01-03-2022 07:18 PM

There is nothing really specific required to handle clients behind NAT, but the profiling information ISE has for these clients may be off or partial. As long as the radius authentication being sent from the network device itself isn't natted, then you will handle it like regular endpoint authentication. 

If the switch communicating with ISE is behind nat, then it's a whole different can of worms. 

Customers Also Viewed These Support Documents