Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2669
Views
0
Helpful
2
Replies

ISE and AD integration - Port 445 requirement

Go to solution
meetneelesh79
Level 1
Level 1

‎07-21-2017 07:50 AM

Team,

I am working with one of the customers for ISE POC. Customer is using Microsoft AD for identity store but port 445 is blocked on customer network. I have following queries with respect to ISE and AD integration.

1. Why "SMB - 445" port is required for ISE and AD integration?

2. If SMB-445 port is not enabled on the network, will ISE and AD integration work?

When I search on internet, LDAP and SMB has same usage

Thanks,

Neelesh Marathe

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
hslai
Cisco Employee
Cisco Employee

‎07-21-2017 08:52 AM

The recent vulnerability is on SMBv1. ISE-AD integration uses SMBv2, which also on TCP 445. Correct, it requires to allow such connections from ISE to the AD infrastructure for the integration to work.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
hslai
Cisco Employee
Cisco Employee

‎07-21-2017 08:52 AM

The recent vulnerability is on SMBv1. ISE-AD integration uses SMBv2, which also on TCP 445. Correct, it requires to allow such connections from ISE to the AD infrastructure for the integration to work.

0 Helpful

Go to solution
meetneelesh79
Level 1
Level 1
In response to hslai

‎07-27-2017 03:25 AM

Thank you very much Hsing for your inputs.

0 Helpful
Customers Also Viewed These Support Documents