cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1964
Views
10
Helpful
4
Replies

Policy server not found

erga
Level 1
Level 1

I am facing a very frustrating issue with newly imaged machines. Even when they have all the GPOs when connecting to wired or wireless the redirection to ISE does not happen. Proved this with a wireshark capture. They get redirected only when on VPN, the connectiondata.xml file gets created then there are no issues. They get redirected on wired/wireless

 

Spent countless hours troubleshooting this, I'm at loss as to what is happening. All the configurations are correct, ACLs are correct.

 

What other ways are there to redirect a user to the ISE portal for provisioning besides the dACL/ACL method

4 Replies 4

Hi @erga ,

 if my understanding is correct, you are talking about Posture - from Unknown to Compliant.

 In your case it looks like that Wired & Wireless reach the Posture status Unknown, but there is no redirection to Posture status Compliant.

 if this is your case, please take a look at: ISE Posture Flow in ISE 2.2 Compared to Earlier ISE Versions, search for Posture Flow in ISE 2.2.

"...

Step 12. In ISE 2.2, Posture process is divided into two stages. First stage contains set of traditional posture discovery probes to support backward compatibility with deployments which relays on URL Redirect.

...

Step 14.Stage two contains two discovery probes which allows AC ISE Posture Module to establish connection to the PSN where session is authenticated in environments where redirection is not supported. During stage two all probes are sequential.

..."

 

Hope this helps !!!