Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
696
Views
5
Helpful
2
Replies

ISE POSTURE COA ISSUE

tohuindo
Level 1
Level 1

‎07-30-2022 11:39 AM

Posture is configured, and users must be compliant before being reassigned to their respective vlan. But in order for them to be able to check their posture status they are assigned to a temporary vlan that grant them minimal access to the network.

They match the temporary vlan policy when their eap-chaining is fully successful or when the machine authentication is successful. Now the issue is that most users get in that temporary vlan and received their posture and then a coa is sent so they can leave the temporary policy to go to their appropriate vlan but some users got sticked in that temporary vlan even though they were compliant 

0 Helpful
2 Replies 2

Marcelo Morais
VIP
VIP

‎07-31-2022 05:52 AM - edited ‎07-31-2022 05:52 AM

Hi @tohuindo ,

 1st double check the Posture Status at Work Centers > Posture > Reports > Reports > Posture Reports > Posture Assessment by Endpoint.

 2nd compare the Endpoints that are not OK with the Endpoints that are OK:

 a. double check if they have the same Authorization Rule (at Operations > Reports > Reports > Endpoints and Users > RADIUS Authentication).

 b. double check if they are in the same SW.

Note: for a better understand of the Posture flow, please check the ISE Posture Flow in ISE 2.2 Compared to Earlier ISE Versions.

Hope this helps !!!

tohuindo
Level 1
Level 1

‎08-01-2022 06:49 AM

Thank you for reply i will try to work on it and if anything i will let you know

0 Helpful
Customers Also Viewed These Support Documents