Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1068
Views
5
Helpful
1
Replies

Post migration from ASA to FTD, macOS users not redirected - AnyConnect

dgaikwad
Contributor
Contributor

‎12-06-2020 08:52 PM

Hi Experts,

I have posted this same query on AnyConnect forums, but also wanted get a view from ISE's end.

Last week we have migrated from ASA to FTD. With no changes in policies or any other configuration on ISE's end. The configuration is good as it is.

Issue:
macOS endpoints are not able to find ISE server

Troubleshooting:
After migration its observed that the Windows endpoints are able to connect to VPN just fine. That is when they connect, policy server is detected and posture scan is run and compliant endpoints are granted access.
But with the macOS endpoints, it observed that authentication works, but they are not able to find the ISE server and run the posture.

These same endpoints were working when we were utilizing ASA for VPN access.
I have tested on macOS Catalina and Big Sur, but the end results is the same.
The VPN policies, client provisioning and authorization policies remain unchanged on ISE.

Has anyone faced this issue? Any pointers?

0 Helpful
1 Reply 1