Anyconnect Posture assessment and policy server

khaled alodat · ‎10-12-2015

Hi,

I hope that someone can help me with my problem.

Summery :

On Results > clinet Provisioning > resources … I’ve created Anyconnect configuration to download : ISE Posture, VPN, ASA Posture and SBL

On Policy> client Provisioning I created a policy to match the above .

On the ASA 9.3.2 I’ve created a GP and configure it to do COA, a redirect ACL .

Authorization profile has been created with CPP .

Now here is the problem : if I use split tunnel on the Group policy the installation for the above will not be completed , I keep getting cannot connect to host .

When I take the split tunnel out it work fine.

So what I did , I took the split tunnel out and install the Anyconnect parts .

My second problem : EX: I have the VPN, system scan Agents installed on the laptop , with the split tunnel in I keep getting the error : NO POLICY SERVER DETECTED. When I take the split tunnel out everything work fine

Note : THE ISE IP is within the split tunnl … we tunnel only for the private IP’s and I have the DNS split enable.

Your help is appreciated .

Khaled

Anyconnect Posture assessment and policy server

ISE Posture - No Policy Server Detected

Cisco ISE Posture Assessment with Aruba Wireless AP

AnyConnect System Scan: No policy server detected.

Cisco ISE Posture Assessment with Juniper EX Switches

Cisco Secure Client (AKA AnyConnect) Group Policy-based Deployment