Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
3811
Views
5
Helpful
2
Replies

Anyconnect 4.7 bypassing, networks configured for NAC Agent

Go to solution
raulantoniorz91
Level 1
Level 1

‎09-22-2019 07:43 AM

Hi,

 

I'm installing ISE 2.6 with Anyconnect 4.7 with ISE Posture VPN Posture and Compliance Module 4.3 for posture. But When test PC is connected to NAD, it gets authenticated but Compliance Modue shows message "Byppassing anyconnect scan your network is configured to use Cisco NAC Agent", and ISE shows Pending Posture for this end point.

 

I have configured Posture conditions, policies and there will be no redirection to portal since it is a requirement from end customer, for security non-compliant users should contact IT crew to get Anyconnect instead of download from client privisioning portal because AD policies don't allow to users to install external programs.

 

This is the current configuration

 

Conditions, only to check if there is a McAfee instalation

 

Anotación 2019-09-22 092517.png

Posture requirements

 

Anotación 2019-09-22 092837.pngAnotación 2019-09-22 092944.pngAnotación 2019-09-22 093200.pngAnotación 2019-09-22 093436.pngAnotación 2019-09-22 093551.pngAnotación 2019-09-22 093715.png

Thank you for your help.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎09-22-2019 08:25 AM

Hi, You are checking for version 3.x or earlier of the compliance module in the requirements and posture policy, however you are using version 4.3, change this to version 4.x or later.

 

HTH

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Rob Ingram
VIP
VIP

‎09-22-2019 08:25 AM

Hi, You are checking for version 3.x or earlier of the compliance module in the requirements and posture policy, however you are using version 4.3, change this to version 4.x or later.

 

HTH

0 Helpful

Go to solution
raulantoniorz91
Level 1
Level 1
In response to Rob Ingram

‎09-22-2019 09:00 AM - edited ‎09-22-2019 09:01 AM

Hi,

Thank you for your help, I needed to move AV condition as AM condition to use it as 4.x version, since AV conditions are available only for 3.x. When applied and shut/no shut to user interface now  Posture Status is "NotApplicable".

Customers Also Viewed These Support Documents
Top