Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1613
Views
0
Helpful
1
Replies

Posture with AnyConnect - Redirect ACL required?

Aileron88
Level 1
Level 1

‎09-10-2021 02:33 AM

Hi,

 

I'm using ISE 3.0 and am utilising the ISE posture module within AnyConnect with a profile pushed from the ASA headend. 

 

Is the Posture redirect URL required in this instance, as when users connect - even without the URL redirect they are being posture assessed. 

 

Many thanks

0 Helpful
1 Reply 1

Mike.Cifelli
VIP Alumni
VIP Alumni

‎09-10-2021 05:50 AM

Is the Posture redirect URL required in this instance, as when users connect - even without the URL redirect they are being posture assessed. 

-IMO this is really up to how you wish to run the environment.  Essentially if clients utilizing the VPN are already provisioned with the software, proper posture config, and will require no other reason to get redirected to the ISE client provisioning portal (CPP) then the answer is no.  The thought is that most clients utilizing your VPN are probably imaged on site, a member of the domain, and fully setup prior to letting the clients connect remotely.  Lastly, the redirect url is best used for clients that have not been provisioned fully to how you want when connecting hence the redirect steers them to the CPP.  Also, if the clients are getting postured as you wish, removing the redirect url will remove the portal pop up page too.  HTH!

0 Helpful
Customers Also Viewed These Support Documents