On Results > clinet Provisioning > resources … I’ve created Anyconnect configuration to download : ISE Posture, VPN, ASA Posture and SBL
On Policy> client Provisioning I created a policy to match the above .
On the ASA 9.3.2 I’ve created a GP and configure it to do COA, a redirect ACL .
Authorization profile has been created with CPP .
Now here is the problem : if I use split tunnel on the Group policy the installation for the above will not be completed , I keep getting cannot connect to host .
When I take the split tunnel out it work fine.
So what I did , I took the split tunnel out and install the Anyconnect parts .
My second problem : EX: I have the VPN, system scan Agents installed on the laptop , with the split tunnel in I keep getting the error : NO POLICY SERVER DETECTED. When I take the split tunnel out everything work fine
Note : THE ISE IP is within the split tunnl … we tunnel only for the private IP’s and I have the DNS split enable.