11-21-2019 07:37 AM
Hi All ,
i have cisco ISE SSH VPN , posture scan i snot working .
on Anyconnect Posture module showing '' No Policy Server Detected ''
from the End-point -CMD , nslookup to the ISE server FQDN is showing timeout (Screenshot is attached )
Solved! Go to Solution.
11-22-2019 07:14 AM
@Mike.Cifelli wrote:
More than likely this is a dacl issue as already mentioned. You have options within ISE to statically set the ip in the authz profile that would help eliminate the name resolution issue as a connectivity test. Obviously your restricted area must be able to reach your ISE PSN that will be performing the posture checks. Something else you could try as a quick test is using your hosts file locally if you are running Windows to statically provide dns. As far as CoA things are concerned for applying different dacls etc. make sure that udp port 1700 is not blocked along the path between your NAD & ISE OR for VPN between your ASA & ISE. HTH!
yes and also checked out the https://cs.co/ise-guides
in particular the one titled ISE Posture Prescriptive Deployment Guide
If still having issues please work through tac
11-21-2019 07:46 AM
11-21-2019 11:03 AM
11-22-2019 07:14 AM
@Mike.Cifelli wrote:
More than likely this is a dacl issue as already mentioned. You have options within ISE to statically set the ip in the authz profile that would help eliminate the name resolution issue as a connectivity test. Obviously your restricted area must be able to reach your ISE PSN that will be performing the posture checks. Something else you could try as a quick test is using your hosts file locally if you are running Windows to statically provide dns. As far as CoA things are concerned for applying different dacls etc. make sure that udp port 1700 is not blocked along the path between your NAD & ISE OR for VPN between your ASA & ISE. HTH!
yes and also checked out the https://cs.co/ise-guides
in particular the one titled ISE Posture Prescriptive Deployment Guide
If still having issues please work through tac
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide