
ports required for PEAP usage behind firewall

Andrey128
Level 1

Does anyone know which set of ports should be opened to allow devices that are using the PEAP protocol to work?

- Devices and the wireless controller are separated by a firewall.

- User accounts and passwords, which are used for PEAP, are created on the wireless controller.

Thanks a lot

2 Replies

Hello,

PEAP, or any kind of EAP protocol, is negotiated between the supplicant and the authentication server using the standard RADIUS protocol, ports 1812 and 1813 UDP. There's no specific port for PEAP.

RichardAtkin
Level 3

If you're using the WLC as the RADIUS server and creating the user accounts within the WLC, then you don't need to open any ports.  The AP tunnels the Auth traffic back to the WLC via CAPWAP and that's it :)

 

You only need to open ports if you are using an external RADIUS server, in which case it's UDP 1812 & 1813 for RADIUS authentication and accounting, and UDP 1700 or 3799 if you get into doing RADIUS CoA stuff.  The source/destination IPs for the FW rule would be your WLC's Management Interface and the RADIUS Server's IP address.
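
The flows from the reply above, as an added example that is not part of the original thread: a small Python audit that checks a firewall rule list for the RADIUS flows between the WLC management interface and an external RADIUS server, and flags rules wider than one host to one host on one port. The addresses, the `Rule` model and the flow directions (WLC initiates 1812/1813, the RADIUS server initiates CoA) are assumptions, not stated in the thread.

```python
import ipaddress
from dataclasses import dataclass

# Constructed placeholder addresses (RFC 5737 documentation ranges).
WLC_MGMT = "192.0.2.10"       # WLC management interface
RADIUS_SRV = "198.51.100.20"  # external RADIUS server

# Flows named in the thread: (source, destination, acceptable UDP dst ports).
# Direction is an assumption from how RADIUS works: the WLC initiates
# authentication and accounting, the RADIUS server initiates CoA.
REQUIRED = {
    "auth": (WLC_MGMT, RADIUS_SRV, (1812,)),
    "accounting": (WLC_MGMT, RADIUS_SRV, (1813,)),
    "coa": (RADIUS_SRV, WLC_MGMT, (1700, 3799)),  # either port is enough
}

@dataclass
class Rule:
    src: str      # source CIDR
    dst: str      # destination CIDR
    proto: str
    ports: range  # permitted destination ports

    def matches(self, src, dst, port):
        return (self.proto == "udp" and port in self.ports
                and ipaddress.ip_address(src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(self.dst))

    def is_broad(self):
        # Wider than one host to one host on a single port.
        return (ipaddress.ip_network(self.src).num_addresses > 1
                or ipaddress.ip_network(self.dst).num_addresses > 1
                or len(self.ports) > 1)

def audit(rules, need_coa=False):
    """Return (required flows no rule permits, rules wider than needed)."""
    missing = []
    for name, (src, dst, ports) in REQUIRED.items():
        if name == "coa" and not need_coa:
            continue
        if not any(r.matches(src, dst, p) for r in rules for p in ports):
            missing.append(name)
    return missing, [r for r in rules if r.is_broad()]

# Constructed sample rule set, not taken from any real firewall.
SAMPLE_RULES = [
    Rule("192.0.2.10/32", "198.51.100.20/32", "udp", range(1812, 1813)),
    Rule("192.0.2.0/24", "198.51.100.20/32", "udp", range(1813, 1814)),
]
```

Calling `audit(SAMPLE_RULES, need_coa=True)` reports the CoA flow as missing and the `/24` accounting rule as wider than needed; the model assumes a stateful firewall that permits the UDP replies.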
