policy set not working

zacht5476
Level 1

I'm in a testing environment; I'm going only PassiveID, no network devices. I deployed the PIC agent on the DC and everything is working; however, when I tested the policy set to deny access based on the AD groups, it still grants access. What am I missing?

The reason why I'm not using network devices is because I'm in the military and the NEC controls all the network devices, and I am not allowed to touch them.

2 Replies

k2no
Level 1

Hi,

I suppose you deployed an agent from the ISE directly?

Check if your domain controllers are reachable by the ISE in the work center, and also if the agent itself is running on the DC machine.

Also check that you don't have any flows blocked by your firewall or any ACL that could drop the traffic between the ISE and your DC. Port 9095 has to be allowed.

Yes, it's reachable and no firewalls are blocking it.