Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
960
Views
0
Helpful
3
Replies

Re: ISE-VPN-Posture-Issue

Marcin Zgola
Level 4
Level 4

‎06-24-2016 11:32 AM

I have a similar problem.

I have 2 ASAs setup one with Tunnel Group, Redirect ACL and RAIDUS/ISE Config which when authenticated ISE posture agent runs all the checks.

And another one with LDAP Authentication (NO ISE) and when user authenticate through this one, ISE POsture agent starts the compliancy process again..

How can we filter this?

Thank you

CCIE 18676
0 Helpful
3 Replies 3

pcarco
Cisco Employee
Cisco Employee

‎06-27-2016 01:58 PM

Hello,

Is it just searching for the policy server or actually running the scan?  Do the two tunnel-groups use the same group-policy ?  why do users that authenticate to ldap have the ISE posture module?  Is this tunnel-group that has LDAP authentication configured for Authorization to ISE ?

Best regards,

Paul

0 Helpful

Marcin Zgola
Level 4
Level 4
In response to pcarco

‎06-27-2016 04:16 PM

Second ASA does not have any ISE configurations.  Client runs the full scan but not all the time. Perhaps it caches information from previous VPN session through other ASA.


I will be working on it closely tomorrow.

CCIE 18676
0 Helpful

pcarco
Cisco Employee
Cisco Employee
In response to Marcin Zgola

‎07-12-2016 12:08 PM

Hello ,

Are you still having the issue ?

Best regards,

Paul

0 Helpful
Customers Also Viewed These Support Documents