Solved: Re: ISE - no policy server detected - Page 2

JustTakeTheFirstStep · ‎07-02-2019

Hi. everyone.

I want "Anyconnect system scan" to work on all PCs.

However, some "WINDOW10" does not run "System scan".

PCs that do not have a "system scan" in common have a "no policy server detected" message.

Another commonality is that Security Products does not show anything.

Attach the screenshot below.

Please help me ...

subrun.jamil · ‎02-03-2021

I have 2 PSN and Policy Service Perspective both PSN can serve for. Question is If I use ISEnode1 is Discovery Host , Posture will always be done by ISEnode1 ?

And on what condition User Posture can go to ISENode2 ?

Yes Snika, I have this problem. settings wise I have ISEnode1 in Discovery Host and in the AnyConnect Unknown Compliant Auth Profile it has ISEnode2 as Static Host.

Marcelo Morais · ‎02-03-2021

Hi @subrun.jamil

a better practice is to place an URL (internal or external URL, for ex.: intranet.company, www.google.com) on the Discovery Host that will trigger the Redirect URL (do not use the PSN).

Note 1: AnyConnect already tries enroll.cisco.com so use a different URL.

Note 2: on the Call Home List you could have: a list of PSNs or Load Balance.

Hope this helps !!!