Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
585
Views
0
Helpful
1
Replies

Posture initiation once recovered from Critical auth scenario

Go to solution
dngore
Cisco Employee
Cisco Employee

‎10-04-2018 12:04 AM

Hi,

We are deploying ISE 2.4 with Anyconnect 4.6 and Cisco IOS 15.2.4.E6 on 2960 Plus switch.

Customer wants dACL as authorisation instead of Clan change.

We have defined same data vlan as critical auth vlan.  

 

When switch detects ISE server reachability (recover from critical auth scenario), it starts reinitilaization i.e authentication & authorisation cycle. But it is observed that posture process initiation depends on network change like vlan change (by using IP refresh option). In our case, as we are using same vlan for critical auth, there is no network change detected and hence no posture initiates. 

 

Is there any way that we can start posture based on NAM inputs i.e. basically on authentication event? 

 

How should we tackle this issue?

 

Regards,

D.M.Gore

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
hslai
Cisco Employee
Cisco Employee

‎10-21-2018 09:58 AM

When NAM starts DOT1X, it might trigger a network change event. Otherwise, ISE 2.4 and AnyConnect 4.6 have an option to enable "Rescan" Button. Please try that.Screen Shot 2018-10-21 at 9.54.59 AM.png

 

 

 

View solution in original post

0 Helpful
1 Reply 1

Go to solution
hslai
Cisco Employee
Cisco Employee

‎10-21-2018 09:58 AM

When NAM starts DOT1X, it might trigger a network change event. Otherwise, ISE 2.4 and AnyConnect 4.6 have an option to enable "Rescan" Button. Please try that.Screen Shot 2018-10-21 at 9.54.59 AM.png

 

 

 

0 Helpful
Customers Also Viewed These Support Documents