/build/static/layout/Breadcrumb_cap_w.png

Cisco ISE and K1000 AMP Agent settings needed

We use Cisco ISE and ports 80 and 443 are redirected so that anyone connecting to our network cannot access anything until a posture assessment has been performed (NAC).  We have allowed port 52230, and I can see the clients are being accessed in KACE, but I cannot execute scripts/patches/inventory on these clients until I physically logon and allow the clients to clear NAC. 

Can anyone with both KACE and Cisco ISE please guide me on the best way to resolve this issue?  I don't think I can get 80/443 open, unless there is a equally secure way like we have them now. 

Thanks! 

-Darren

0 Comments   [ + ] Show comments

Answers (1)

Posted by: SMal.tmcc 8 years ago
Red Belt
0
you need 80 or 443 for the client to check in with

here is a list of what the k1 needs to certain things

https://support.software.dell.com/kb/111775

Comments:
  • Is there a way to use either of those ports and have the same functionality? What I mean is, how can we have the same level of security with those ports allowed in ISE? - dsykes 8 years ago
    • we do not use cisco here, but we only have 443 and 52230 open and our clients check in from the outside. - SMal.tmcc 8 years ago
 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ