Cisco NAC Appliance Hardware Installation Guide (OL-20326-01)
Chapter 3: Installing the Clean Access Manager and Clean Access Server
Page 3-34

4. Before deploying the CAS in a production environment, Cisco strongly recommends acquiring a trusted certificate from a third-party Certificate Authority to replace the temporary certificate (in order to avoid the security warning that is displayed to end users during user login).

For further details, see the "Manage CAS SSL Certificates" and "Synchronize System Time" sections of the Cisco NAC Appliance - Clean Access Server Configuration Guide, Release 4.8(3). For details on CAM certificates, see the Cisco NAC Appliance - Clean Access Manager Configuration Guide, Release 4.8(3).

Cisco NAC Appliance Connectivity Across a Firewall

The Clean Access Manager (CAM) uses Java Remote Method Invocation (RMI) for parts of its communication with the Clean Access Server (CAS), which means it uses dynamically allocated ports for this purpose. If your deployment has a firewall between the CAS and the CAM, you will need to set up rules in the firewall to allow communication between the CAS and CAM machines, that is, a rule that allows traffic originating from the CAM destined to the CAS and vice versa.

Note
If there is a NAT router between the CAS and CAM, also refer to section "Configuring the CAS Behind a NAT Firewall" in the Installation chapter of the Cisco NAC Appliance - Clean Access Server Configuration Guide, Release 4.8(3) for additional details.

Table 3-1 lists the ports that are required for communication between the CAS and the CAM (per version of Cisco NAC Appliance).

Table 3-1 Port Connectivity for CAM/CAS

Cisco NAC Appliance Version: 4.8, 4.7(x), 4.6(1), 4.5(x), 4.1(x), 4.0(x), 3.6(x), 3.5(x)

Required Ports:
TCP ports 443, 1099, and 8995~8996
TCP ports 80, 443, 1099, and 8995~8996
TCP ports 80, 443, 1099, and 32768~61000 (usually 32768~32999 are sufficient).

For example, for Single Sign-On (SSO) capabilities, additional ports must be opened on the CAS and firewall (if any) to allow communication between the Agent and the Active Directory Server, as shown in Table 3-2. Table 3-2 provides further details about communicating devices, the ports affected, and the purpose of each port.
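One way to audit a firewall rule set against a Table 3-1 port row, as an added example that is not part of the Cisco guide: it parses the table's notation (including `~` ranges) and reports, for each direction between CAM and CAS, required ports that are still blocked and permitted ports the row does not call for. The addresses, the rule tuple format and the choice of the first port row are assumptions; substitute the row for your release. Treating the listed ports as destination ports in both directions is also an assumption.

```python
import re

# Constructed sample values (assumptions, not from the guide).
CAM, CAS = "10.0.1.10", "10.0.2.20"
SPEC = "TCP ports 443, 1099, and 8995~8996"  # first port row of Table 3-1

# Hypothetical allow rules: (source, destination, first port, last port).
RULES = [
    (CAM, CAS, 443, 443), (CAM, CAS, 1099, 1099), (CAM, CAS, 8995, 8996),
    (CAS, CAM, 443, 443), (CAS, CAM, 1099, 1099), (CAS, CAM, 8995, 8995),
    (CAS, CAM, 22, 22),
]

def parse_ports(spec):
    """Expand the table's notation; '8995~8996' is an inclusive range."""
    ports = set()
    for lo, hi in re.findall(r"(\d+)(?:~(\d+))?", spec):
        ports.update(range(int(lo), int(hi or lo) + 1))
    return ports

def allowed_ports(rules, src, dst):
    """Collect every TCP destination port permitted from src to dst."""
    ports = set()
    for r_src, r_dst, lo, hi in rules:
        if (r_src, r_dst) == (src, dst):
            ports.update(range(lo, hi + 1))
    return ports

def audit(rules, cam, cas, spec):
    """Report required ports that are blocked and extra ports that are open,
    for each direction, since the guide asks for rules both ways."""
    required = parse_ports(spec)
    report = {}
    for name, src, dst in (("cam_to_cas", cam, cas), ("cas_to_cam", cas, cam)):
        allowed = allowed_ports(rules, src, dst)
        report[name] = {
            "missing": sorted(required - allowed),
            "excess": sorted(allowed - required),
        }
    return report

if __name__ == "__main__":
    for direction, result in audit(RULES, CAM, CAS, SPEC).items():
        print(direction, result)
```

A non-empty "missing" list in either direction means the CAM and CAS cannot complete the communication the row requires; "excess" entries are candidates for removal under least privilege.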