Cisco Employee

Remediation Issue

Hello Experts,

I am trying to check for two things during posture:

1) If the Windows firewall service is running or not. (created the condition and launch program remediation and it works fine)

2) To make sure that the Windows firewall is turned ON. (It is currently working for Domain and not for the other two profiles, but I have raised a separate thread for that)

CURRENT ISSUE:

When Windows FW is turned off for Domain and I disable the service and then unplug and replug the laptop, the posture fails as both of these are not getting triggered at the same time. If I enable the domain firewall and then disable the Windows firewall service, it comes back fine. Similarly, if I just switch off the firewall for domain, it comes back fine.

But somehow both are not coming back at the same time.

Please suggest what I am missing or how can we get this working with ISE posture in stealth mode.

Regards,

Rajat Sharma

2 REPLIES
Advocate

Re: Remediation Issue

This question appears to be a duplicate from your previous post here: Firewall is not getting turned on for Private (standard) and Public profiles

Cisco Employee

Re: Remediation Issue

I am sorry to say, but this one is different, as the other one is about making sure that the firewall is turned on for all three profiles, whereas this one is more about the two remediations not working at the same time.

As mentioned earlier I can achieve the below without any issues:

1) For the domain profile I can enable the Windows firewall using remediation (if the "windows firewall" service is up and running)

2) I can start the "windows firewall" service using remediation (if all three profiles are configured with the firewall enabled option).

HOWEVER, I cannot get both working at the same time, i.e.

3) If the firewall is disabled for the domain profile and the Windows firewall service is not running, the remediation does not start, and at remediation timer expiry I am categorized as NON-COMPLIANT

Is there something we can do about this? I mean some timer or some retries or some delay for the profile firewall remediation to kick in after the services are enabled.

Looking for some guidance there, if someone has seen it working in a lab/customer environment.