Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
197
Views
0
Helpful
1
Replies

Some doubts on Posture with and without Agent on Wireless

pemasirid
Level 1
Level 1

‎03-08-2015 12:26 PM - edited ‎03-10-2019 10:31 PM

Hi,

I would like to know how the posture will work in a situation when we only want to have posture verification only for certain users (like department, location etc) connect via wireless.

As we need to have posture on phase by phase but with a single policy, need to restrict posture validation for only for certain users and others should effect once they installed the agent (NAC/AnyConnect). This is possible on a wired situation such as we can have seperate Authz policy like NAD equal or not equal with its IP address but in a wireless users having 1 WLC we are not sure how to achieve this.?

We tried with a PC having agent installed and without installed and both PCs is trying to hit the same 1st comes rule.

Appreciate if anyone has tried this and got a solution to let us know.

 

thanks

 

 

Labels:
0 Helpful
1 Reply 1

nspasov
Cisco Employee
Cisco Employee

‎03-08-2015 05:27 PM

Under Policy > Posture > Other Conditions you can define exact user/machine AD groups that you want to perform posture assessment on. Then in your authorization policy you can use the same AD groups to decide which users/machines get redirected for posture assessment and which would not. 

I hope this helps!

 

Thank you for rating helpful posts!

0 Helpful
Customers Also Viewed These Support Documents