cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

6003
Views
0
Helpful
10
Replies
Highlighted
Beginner

ISE - no policy server detected

Hi. everyone.

I want "Anyconnect system scan" to work on all PCs.

However, some "WINDOW10" does not run "System scan".

PCs that do not have a "system scan" in common have a "no policy server detected" message.

Another commonality is that Security Products does not show anything.

Attach the screenshot below.

Please help me ...

 

20190702_193104.png20190702_193109.png

3 ACCEPTED SOLUTIONS

Accepted Solutions
Highlighted
Cisco Employee

Re: ISE - no policy server detected

Highlighted
Beginner

Re: ISE - no policy server detected

Thank you for answer.

I solved this problem.

The cause of the problem was "Discovery host".

I entered the IP of the ASA in the "Discovery host" in the ISE.

The "Discovery Host" caused a redirection problem.

Using "call-home list" instead of "Discovery Host" solved the problem.

TAC recommends the use of "Call-home list".

The reason is that the client communicates directly with the ISE without going through the NAD.

View solution in original post

Highlighted
Beginner

Re: ISE - no policy server detected

ALC7E83.png

 

Sorry for the late response.

Enter IP or FQDN in the call home list.

View solution in original post

10 REPLIES 10
Highlighted
VIP Collaborator

Re: ISE - no policy server detected

Please share your Client Provisioning Policies so we can better assist. As well as any other information that may better assist us.
Highlighted
Cisco Employee

Re: ISE - no policy server detected

Highlighted
Beginner

Re: ISE - no policy server detected

Thank you for answer.

I solved this problem.

The cause of the problem was "Discovery host".

I entered the IP of the ASA in the "Discovery host" in the ISE.

The "Discovery Host" caused a redirection problem.

Using "call-home list" instead of "Discovery Host" solved the problem.

TAC recommends the use of "Call-home list".

The reason is that the client communicates directly with the ISE without going through the NAD.

View solution in original post

Highlighted
Beginner

Re: ISE - no policy server detected

Hi could you shared ASA configuration call home list

Highlighted
Beginner

Re: ISE - no policy server detected

ALC7E83.png

 

Sorry for the late response.

Enter IP or FQDN in the call home list.

View solution in original post

Highlighted
Beginner

Re: ISE - no policy server detected

Hi

 

We have a problem where we are still getting no policy server detected on endpoints. We do not have any proxy configured on ISE or endpoints. We have also configured Call home list but we are still facing the issue.

 

Thanks,

 

Aravind.

Highlighted
VIP Collaborator

Re: ISE - no policy server detected

In your Posture Agent Profile Settings in ISE the discovery host should be set to the PSN IP Address you wish to use to scan your hosts. As by design here is where you tell the AC agent to connect to your server AKA ISE for posture checks/scan. HTH!
Highlighted
Beginner

Re: ISE - no policy server detected

Hi, we used ASA to provision posture module, it work OK, but error appear saying No policy Server detected.

 

Highlighted
Beginner

Re: ISE - no policy server detected

Did you left your DH empty on your solution? and only have the Call-home list with the PSN fqdn/ip address?

Highlighted
Beginner

Re: ISE - no policy server detected

See the answer above.
I just attached a screenshot.