
Access list ports needed for AD authentication

I'm looking for the ports that need to be allowed for AD authentication in an access list on a VLAN interface. I built a monster ACL allowing various ports I found for this and it still didn't work. Finally did a permit ip to and from the Domain Controller. With the ACL I had built it would just sit on the Welcome screen; I wasn't seeing any deny on the Nexus 9k, so not sure if I was missing a port or a return line in the ACL.

1 Reply

balaji.bandi
Hall of Fame

These are the ports required for AD services to work:

https://docs.microsoft.com/en-us/troubleshoot/windows-server/identity/config-firewall-for-ad-domains-and-trusts

Can you post the config of the Nexus switch so we can look at what is wrong?

Tell us what the IP address of the user is and where it is connected. What is the IP address of the AD server and where is it connected?

Note: A Nexus switch by default is not a stateful FW, so you need to construct the ACL accordingly.

BB

***** Rate All Helpful Responses *****
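
The reply's point about a stateless ACL, as an added example that is not part of the thread: a small Python model that checks a pair of permit lists (toward the DC and back toward the clients) against client-to-DC AD flows and reports what is dropped in each direction. The addresses, the two sample ACLs and the function names are constructed for illustration; the ports are a subset of the commonly documented AD requirements.

```python
from ipaddress import ip_address, ip_network

CLIENT_NET, DC = "10.10.20.0/24", "10.10.10.5/32"   # constructed addresses
ANY = (0, 65535)
RPC_DYN = (49152, 65535)                             # default dynamic RPC range

WELL_KNOWN = [("udp", 53), ("tcp", 88), ("udp", 123), ("tcp", 135), ("tcp", 389),
              ("udp", 389), ("tcp", 445), ("tcp", 464)]
# Flows to test; 49700 stands in for a dynamic RPC port chosen by the DC.
AD_FLOWS = WELL_KNOWN + [("tcp", 49700)]

def permit(proto, src, dst, sport=ANY, dport=ANY):
    """One permit entry: protocol, source net, destination net, port ranges."""
    return (proto, ip_network(src), ip_network(dst), sport, dport)

def allowed(acl, proto, src, sport, dst, dport):
    """Stateless match: each packet is judged alone; no match = implicit deny."""
    return any(p == proto and ip_address(src) in s and ip_address(dst) in d
               and sp[0] <= sport <= sp[1] and dp[0] <= dport <= dp[1]
               for p, s, d, sp, dp in acl)

def audit(to_dc, to_client, client="10.10.20.50", dc="10.10.10.5", eph=51000):
    """Return (proto, port, direction) for every AD flow the ACL pair drops."""
    dropped = []
    for proto, port in AD_FLOWS:
        if not allowed(to_dc, proto, client, eph, dc, port):
            dropped.append((proto, port, "request"))
        # The reply comes FROM the service port back TO the client's ephemeral port.
        if not allowed(to_client, proto, dc, port, client, eph):
            dropped.append((proto, port, "reply"))
    return dropped

# Destination ports only, no dynamic RPC range, no reply entries.
broken_to_dc = [permit(p, CLIENT_NET, DC, dport=(n, n)) for p, n in WELL_KNOWN]
broken_to_client = []

# Adds the dynamic RPC range and explicit reply entries matched on source port.
fixed_to_dc = broken_to_dc + [permit("tcp", CLIENT_NET, DC, dport=RPC_DYN)]
fixed_to_client = ([permit(p, DC, CLIENT_NET, sport=(n, n)) for p, n in WELL_KNOWN]
                   + [permit("tcp", DC, CLIENT_NET, sport=RPC_DYN)])

if __name__ == "__main__":
    for drop in audit(broken_to_dc, broken_to_client):
        print("DROPPED", *drop)
    print("fixed ACL drops:", audit(fixed_to_dc, fixed_to_client))
```
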
