Keep session active after workstation reboot

Didier587
Level 1

Hello everyone,

I am contacting you about a use case.

In our network we configured a DACL for reimaging devices through wired access. The users first authenticate through CWA with AD, and then they join this reimage DACL, with access to the assets needed for the reimage. But while the reimage is occurring, the device restarts many times, and after a restart it loses the session for the reimage DACL and needs to reauthenticate. But because there is no access to a browser during the reimage, the user can't authenticate and the reimage process fails. What is the way to keep the port session in the reimage DACL without the need to reauthenticate after a restart?

Can you help us?

1 Accepted Solution

Accepted Solutions

Greg Gibbs
Cisco Employee

With this flow, the only way I can think of to accommodate this would be to use the Remember Me flow to give the endpoint access based on the Endpoint ID Group you have associated with the Portal and Guest Type. The problem is that the Endpoint Purge policy only runs once a day, which is a large window of time to allow.
https://community.cisco.com/t5/security-knowledge-base/ise-guest-access-prescriptive-deployment-guide/ta-p/3640475#toc-hId--916002297

Alternatively, you might look into implementing something in your build process to provide temporary credentials or API calls.
https://community.cisco.com/t5/network-access-control/pc-imaging-on-nac-secured-ports/td-p/3486098

 


2 Replies

Hello,

Sorry for my late reply; your answer is very useful.

We will use the first solution.

Thank you.