cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
11308
Views
10
Helpful
6
Replies

ISE Client Provisioning Portal

mrshahid
Level 1
Level 1

Is it possible to START the Device Security Check process automatically once user is successfully authenticated on Cisco ISE.

ISE automation.png

1 Accepted Solution

Accepted Solutions

Hi,

Can you be more explicit? My understanding is that you have AC installed (NAM + Posture) and the posture module doesn't kick in when you login on your windows machine?

 

Have you tried configuring your posture xml file with a call home server? (that would be any dns resource for which you want to force the redirection to happen)

 

(maybe this can help https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine-22/210523-ISE-posture-style-comparison-for-pre-and.html)

 

Thanks,

Octavian

View solution in original post

6 Replies 6

I'd like to know this as well. I don't want internal users to see this page... They shouldn't in general b/c we're pushing out all of the needed files. I just want the posture module to start the scan. Did you ever get this sorted out?

Still looking for solution. :(

Hi,

Can you be more explicit? My understanding is that you have AC installed (NAM + Posture) and the posture module doesn't kick in when you login on your windows machine?

 

Have you tried configuring your posture xml file with a call home server? (that would be any dns resource for which you want to force the redirection to happen)

 

(maybe this can help https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine-22/210523-ISE-posture-style-comparison-for-pre-and.html)

 

Thanks,

Octavian

Yes we have AC with Posture Module.
1. User enters login credentials - VPN status is 'connected'
2. Posture module starts checking for compliance - Status shows 'compliant'
3. Automatically a new browser window or tab is opened (ISE redirection) asking for device security check.
4. End user at this stage can access internet only. Unless they clicks on 'start' button on this new Client provisioning portal, they cannot access any intranet resources.
5. I am looking for a way to automate 'Client provisioning portal' check. End user need not click on start button to be able to access internal resources.

Hi,

 

Have you read the link I posted? ISE can do posture checks without redirection..

 

Thanks,

Octavian

I missed it. Will read that post and reply later. Thanks for quick reply.