cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

151
Views
0
Helpful
2
Replies
Highlighted
Contributor

Manual remediation and the retry message box

Hi experts,

We have setup a manual remediation to start the SCCM service.

So, when AnyConnect detects that the service is not running, it will give a pop-up telling the user to click the start button. Thus starting the SCCM service.

Now, what is happening is that, user clicks the Start button, but, then instantly another pop-up is present with a Retry button. If the user hits retry the button quite a few times (its quite random, so number of tries is not recorded), the posture goes through and the endpoint is deemed compliant.

Now, the real issue is that, this should have been pretty simple and streamlined for the user.

Not sure why this Retry pop-up is presented, where as when a user clicks, Start, AnyConnect should start the service and make the endpoint compliant...

 

We are using:

ISE 2.3

AnyConnect 4.5.04029

NAM module

 

Any ideas appreciated.

Everyone's tags (3)
2 REPLIES 2
Contributor

Re: Manual remediation and the retry message box

To do the further testing, I made the posture check as optional.
Now the user gets an option to skip or start the posture check, but still the user get another pop-up asking to either skip or retry... indicating what the service its missing out.

As per my theory, when a user click Start or skip the posture check and proceed to next rules, but instead it gives another pop-up asking to retry... or skip in case of an optional posture check.retry message box.jpg

 

 

 

 

Cisco Employee

Re: Manual remediation and the retry message box

I would suggest you to try AnyConnect 4.6 MR2 or whichever the latest and the latest Compliant Module. If the same issue persists, please open a Cisco TAC case to investigate further.