cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

589
Views
0
Helpful
1
Replies
Aileron88
Beginner

Posture with AnyConnect - Redirect ACL required?

Hi,

 

I'm using ISE 3.0 and am utilising the ISE posture module within AnyConnect with a profile pushed from the ASA headend. 

 

Is the Posture redirect URL required in this instance, as when users connect - even without the URL redirect they are being posture assessed. 

 

Many thanks

1 REPLY 1
Mike.Cifelli
VIP Advisor

Is the Posture redirect URL required in this instance, as when users connect - even without the URL redirect they are being posture assessed. 

-IMO this is really up to how you wish to run the environment.  Essentially if clients utilizing the VPN are already provisioned with the software, proper posture config, and will require no other reason to get redirected to the ISE client provisioning portal (CPP) then the answer is no.  The thought is that most clients utilizing your VPN are probably imaged on site, a member of the domain, and fully setup prior to letting the clients connect remotely.  Lastly, the redirect url is best used for clients that have not been provisioned fully to how you want when connecting hence the redirect steers them to the CPP.  Also, if the clients are getting postured as you wish, removing the redirect url will remove the portal pop up page too.  HTH!

Create
Recognize Your Peers
Content for Community-Ad

ISE Webinars


Miss a previous ISE webinar?
Never miss one again!

CiscoISE on YouTube