Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2498
Views
0
Helpful
3
Replies

TCP UDP 8905 8909 with AnyConnect Posture Agent

Go to solution
trevorjenix
Level 1
Level 1

‎06-13-2015 11:21 AM - edited ‎03-10-2019 10:48 PM

Documentation and books refer to allowing TCP/UDP ports 8905 and 8909 to the ISE servers in the AGENT-REDIRECT ACLs to make sure NAC agent can be prvisioned, be controlled by ISE and allow keepalive traffic. My question is if this all applies only to the NAC agent or if it applies to the AnyConnect Posture module as well, I couldn't have seemed to find this information anywhere. Are 8905 and 8909 ports still used in with:

- AnyConnect provisioning ?

- NSP provisioning ?

- AnyConnect posture module communication and keep alives ?

If not using NAC agent, would it be enough to only include port 8443 to ISE PSN(s) IPs?

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Brian Taylor
Level 1
Level 1
In response to Venkatesh Attuluri

‎10-21-2018 03:13 AM

Some documents show 8909 isn’t used in ise 2.0+

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Venkatesh Attuluri
Cisco Employee
Cisco Employee

‎06-18-2015 03:14 AM

you will be still needing 8905 8909 with anyconnect

0 Helpful

Go to solution
trevorjenix
Level 1
Level 1
In response to Venkatesh Attuluri

‎06-18-2015 12:31 PM

Thank you!

0 Helpful

Go to solution
Brian Taylor
Level 1
Level 1
In response to Venkatesh Attuluri

‎10-21-2018 03:13 AM

Some documents show 8909 isn’t used in ise 2.0+

0 Helpful
Customers Also Viewed These Support Documents