03-05-2019 04:41 AM
Hi Experts,
I am trying to configure the following use-case and its flow is as follows:
1. If the user has laptop registered with JAMF, then posture check happens on JAMF and based on the response, the user is granted access to the internal network.
2. If the laptop is not registered with JAMF, then
3. User authenticates with ISE
4. ISE sends MDM page to allow the user to register his device
5. Post registration the user is granted access to the internal network
Now, what is happening is that the redirect ACL and authorization policy are getting applied. But still, the user is not able to get to the JAMF registration.
Whereas I am able to access the same page, from outside when not connected to the internal company network via VPN.
The question that remains is: has this been done earlier? Or am I missing something with the configuration?
03-05-2019 08:08 AM
During the redirected state, the endpoint will try to download the JAMF client and register. You will need to allow the endpoint to reach the download site and registration with the redirect ACL.
03-12-2019 03:07 AM
Was able to resolve the issue. Had to add the entire subnet in the redirect ACL on ASA for JAMF cloud.
Post that, when a user connects via VPN and is not already registered, they get redirected to the registration page.
Post registration, they get access to the internal network.
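
The fix in the last reply, as an added example that is not part of the thread: a small Python model of first-match evaluation of an ASA redirect ACL (where `deny` exempts traffic from redirection and `permit` redirects it), comparing a single-host exemption with the whole-subnet exemption the poster ended up using. The ACL name `REDIRECT`, the 203.0.113.0/24 documentation range and the helper names are assumptions; the thread gives no addresses.

```python
import ipaddress

# Constructed sample ACLs. The name REDIRECT and the 203.0.113.0/24 range are
# placeholders standing in for the JAMF cloud subnet; they are not from the thread.
ACL_HOST_ONLY = """\
access-list REDIRECT extended deny udp any any eq domain
access-list REDIRECT extended deny ip any host 203.0.113.10
access-list REDIRECT extended permit tcp any any eq www
access-list REDIRECT extended permit tcp any any eq https
"""
ACL_SUBNET = ACL_HOST_ONLY.replace("host 203.0.113.10", "203.0.113.0 255.255.255.0")
PORTS = {"domain": 53, "www": 80, "https": 443}

def parse(acl_text):
    """Parse the subset 'ACTION PROTO any DST [eq PORT]' into rule tuples."""
    rules = []
    for line in acl_text.splitlines():
        tok = line.split()
        if len(tok) < 7 or tok[0] != "access-list" or tok[2] != "extended":
            continue
        action, proto, rest = tok[3], tok[4], tok[6:]  # tok[5] is the source ("any")
        if rest[0] == "any":
            net, rest = ipaddress.ip_network("0.0.0.0/0"), rest[1:]
        elif rest[0] == "host":
            net, rest = ipaddress.ip_network(rest[1] + "/32"), rest[2:]
        else:  # "ADDRESS NETMASK" form
            net, rest = ipaddress.ip_network(f"{rest[0]}/{rest[1]}"), rest[2:]
        port = PORTS.get(rest[1], rest[1]) if rest[:1] == ["eq"] else None
        rules.append((action, proto, net, int(port) if port is not None else None))
    return rules

def is_redirected(rules, proto, dst_ip, dst_port):
    """First match wins: 'permit' redirects to ISE, 'deny' lets traffic through."""
    dst = ipaddress.ip_address(dst_ip)
    for action, rproto, net, port in rules:
        if rproto not in ("ip", proto) or dst not in net:
            continue
        if port is not None and port != dst_port:
            continue
        return action == "permit"
    return False  # implicit deny at the end: not redirected

if __name__ == "__main__":
    for name, acl in (("host-only", ACL_HOST_ONLY), ("subnet", ACL_SUBNET)):
        hit = is_redirected(parse(acl), "tcp", "203.0.113.55", 443)
        print(f"{name}: HTTPS to 203.0.113.55 redirected = {hit}")
```

With the host-only entry, any other address in the cloud range that the registration flow reaches is still redirected back to ISE, which matches the symptom in the first post.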