Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
626
Views
0
Helpful
1
Replies

Endpoint not able to redirect client provision portal URL

prathamesh002
Level 1
Level 1

‎10-04-2022 09:13 AM

Hi @ciscoCommunity @community @ISE @Rob Ingram ,

Greetings for the day.

I am trying to do a posture assessment for my 1 endpoint.
I have configured my Cisco ISE as per below link.

https://community.cisco.com/t5/security-knowledge-base/ise-posture-prescriptive-deployment-guide/ta-p/3680273#toc-hId--232251767

I have created policy set for unknown posture status devices and created client provisioning portal. 

When I connect endpoint to switch I get authenticated successfully also on endpoint url opens but it did not connect to portal url I get error site can't be reached.

I have attached the packet capture as well ACLs gets deploy every time.

Interestingly also when I try to access other URL like google.com (over wifi) it shows me error that "client and server don't support a common SSL version or cipher suite". and when I disable my physical interface I am able to access other URLs. 

can you please check this issue?

Some switch config snaps may require are below.

prathamesh002_0-1664899978475.png

 

prathamesh002_1-1664900008925.png

 

Best Regards,
Prathamesh Padosakar

posture2.zip
0 Helpful
1 Reply 1

hslai
Cisco Employee
Cisco Employee

‎10-06-2022 05:20 PM - edited ‎10-06-2022 05:21 PM

@prathamesh002  The DNS server is unable to resolve your ISE node(s) so likely missing the record(s).

0 Helpful
Customers Also Viewed These Support Documents