09-28-2018 07:28 AM
Hello,
In a ISE 2.3 environment with Anyconnect ISE Posture module deployed manually in Workstation, the profile ISEPostureCFG.xml is mandatory at first scan/connection for endpoint find and connect with Service Policy?
Or Endpoint will find and connect with Service Policy even without ISEPostureCFG.xml at first scan and after that, dowload the profile from ISE Server?
Best Regards,
Solved! Go to Solution.
09-28-2018 08:47 AM
If you have your URL redirection working for posture discovery you do not need an ISEPostureCFG.xml configured on the device. A fresh install of AnyConnect Posture Module should work. If you don't have your posture discovery working then you need the XML file to prime a call home list to get the posture module to find a PSN to talk to.
09-28-2018 08:05 AM
09-28-2018 08:47 AM
If you have your URL redirection working for posture discovery you do not need an ISEPostureCFG.xml configured on the device. A fresh install of AnyConnect Posture Module should work. If you don't have your posture discovery working then you need the XML file to prime a call home list to get the posture module to find a PSN to talk to.
05-02-2019 08:50 AM
We are also trying to get our Posture discovery to work with a fresh/manual install of AnyConnect. But,the client does not seem to be getting the ISEPostureCFG.xml file.
So what does "If you have your URL redirection working for posture discovery" mean exactly. We do have the ISE Client Provisioning Portal configured, but we have not done any redirection configuration on any switches or WLC's, nor in the authentication policy it self. What needs to be configured for AnyConnect to get the ISEPostureCFG.xml file?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide