06-24-2023 06:39 PM
Hello guys,
I'm deploying the ISE posture policy and I run into the AnyConnect Posture return "No Policy Server Detected" as shown below.
The switch and machine are able to reach to the ISE ip and dns name.
I created the ISEPostureCFG.xml file and save it at "C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\ISE Posture\"
The ISE AnyConnect Profile
I configured the Client Provisioning, Policy Element, Posture Policy and Policy Set.
Maybe there is a config missing or incorrect, not sure where I start to troubleshoot. Please assist me on this issue.
Solved! Go to Solution.
06-28-2023 04:41 AM
How many ISE nodes do you have? and does the endpoint use any proxy for web traffic?
06-29-2023 02:08 PM
Hey guys, it is only one ISE and direct connection, No Proxy.
No upstream firewall or ACL. No custom portal setting. Using the default one. I will try to change the setting and see if that helps
06-30-2023 12:40 PM
Okay, I knew it there is something in the switch. I used another switch and the URL redirecting works fine.
07-02-2023 03:00 PM
In that case I would compare the aaa config on both switches, including the redirect ACL, as well as the ensuring the http server is enabled on the switch. If you want to keep the http server enabled on the switch but denying any access to the switch http portal then you can use the following command:
ip http active-session-modules none
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide