09-27-2017 05:58 PM - edited 07-05-2021 07:42 AM
does anyone know which set of ports should be openned to allow work of devices, which are using PEAP protocol?
-devices and wireless controller are separated by firewall
-user account and passwords, which are used for PEAP, are created on wireless controller.
thanks a lot
09-27-2017 08:41 PM
Hello,
PEAP, or any kind of EAP protocol, is negociated between supplicante and authentication server using standard RADIUS protocol port 1812 and 1813 UDP. There´s no specific port for PEAP.
09-29-2017 06:30 AM
If you're using the WLC as the RADIUS server and creating the user accounts within the WLC, then you don't need to open any ports. The AP tunnels the Auth traffic back to the WLC via CAPWAP and that's it :)
You only need to open ports if you are using an external RADIUS server, in which case its UDP1812 & 1813 for RADIUS authentication and accounting, and UDP 1700 or 3799 if you get in to doing RADIUS CoA stuff. The source/destination IPs for the FW rule would be your WLC's Management Interface and the RADIUS Server's IP address.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide