Re: Mac OS cannot posture check on Temporal Agent

jewfcb001 · ‎06-11-2026

Hi All ,
We try to configure Cisco ISE for check posture . I can configure Posture check to windows . It's working fine .But

macOS cannot posture check .

Please advise me .

Rob Ingram · ‎06-11-2026

@jewfcb001 temporal agent is supported on MacOS, but there are limitations compared to windows, see below.

What is configured? What are the symptoms?

jewfcb001 · ‎06-11-2026

@Rob Ingram
Thank you for information .
I configure posture for check anti-malware / firewall check / mac os version . policy same windows but windows can process posture check but macOS not check for condition.

Rob Ingram · ‎06-11-2026

@jewfcb001 please provide screenshots of what you have configured.

jewfcb001 · ‎06-11-2026

@Rob Ingram

Please see screenshot below . If not .Please tell me for menu.

jewfcb001 · ‎06-11-2026

@Rob Ingram
cannot redirect page .

Rob Ingram · ‎06-11-2026

@jewfcb001 can the endpoint device resolve the ISE hostname? If it cannot it won't display the ISE portal page.

Is this Wired, Wireless or VPN? Are you applying a DACL that is blocking communication to ISE?

jewfcb001 · ‎06-11-2026

@Rob Ingram macOS can resolve ise hostname . It's wireless authentication . and DACL we use same configuration with windows.
windows is working fine.

jewfcb001 · ‎06-12-2026

@Rob Ingram
this is acl for redirect to posture check

ip access-list extended ISE_Redirect
10 deny ip any host x.x.x.x
20 deny ip host x.x.x.x any
21 permit tcp any host x.x.x.x eq 8443
30 permit udp any any eq domain
40 permit udp any eq domain any
50 permit tcp any any eq www

x.x.x.x is IP of ISE