10-03-2018 01:15 PM
We have a wireless solution for contractors entering our facilities which includes 802.1x via ISE with posture assessment using the temporal agent. Contractor connects to SSID, authenticates and hits our authorization rule for client provisioning. Once connected to the SSID, they open a web browser and get redirected to the PSN and download the temporal agent which scans the laptop to check for anti-malware, etc. the CoA is sent and they then hit the 2nd authz rule to permit access based on an ACL. This is working in several locations with some tweaks to windows defender on the windows laptop. We are now seeing contractors come in, connect to their SSID download the temporal agent, the scan begins and they receive an error saying the laptop cannot contact the policy server. We see the initial radius authentications in the ISE logs, but nothing after that. We ensured the Windows Defender is disabled. We've shut down the windows firewall completely. In one instance a user receives a message that their group policy is blocking it, but the other contractors do not receive this message. We've check ACLs on the WLC and core switches. No firewall blocking access. Has anyone else run into this? How did you resolve it?
Solved! Go to Solution.
10-21-2018 10:39 AM
Please collect the agent logs and do it while the Agent window is still up and get the files in <%TEMP%\TemoralAgent\TemporalAgentLogs\>. The folder might clean up after quitting the agent.
If not already done, you would want to perform packet captures on the client OS and analyze them. Capture a NETSH network trace – benjamin perkins
10-21-2018 10:39 AM
Please collect the agent logs and do it while the Agent window is still up and get the files in <%TEMP%\TemoralAgent\TemporalAgentLogs\>. The folder might clean up after quitting the agent.
If not already done, you would want to perform packet captures on the client OS and analyze them. Capture a NETSH network trace – benjamin perkins
 
					
				
				
			
		
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide