I`m looking for the ports needed to be allowed for AD authentication in an access list on a Vlan interface. I built a monster acl allowing various ports I found for this and still didn`t work, Finally did a permit ip to and from the Domain Controller. With the Acl I had built it would just sit on the Welcome screen, wasn`t seeing any deny on the Nexus 9k so not sure if I was missing a port or a return line in the acl.