Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
315
Views
0
Helpful
0
Replies

CSCvq81812 - AnyConnect needs to prioritize redirect targets over connectiondata.xml targets

Chris_Schubert
Level 1
Level 1

‎08-09-2019 10:09 AM

Please follow the following instructions for a workaround:

1. Add all PSNs to the call-home list in the "iseposture" Client Provisioning resource.

2. Create DACLs with only 1 PSN any/any and DNS any/any

3. Create separate Auth. Profile results that with DACLs for that PSN.

4. Create Authorization policies with the following:
 (PSN used is A) AND (customers conditions) AND (Endpoint-not compliant) THEN Authorization Profile A

 

We have followed the steps to workaround the issue and have some more questions about how to handle redirection for a non-compliant device.  It's our understanding (and our experience) that redirection can't be done on a downloadable ACL (dACL), so we need to figure out our non-compliant flow now that it has changed.

 

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents