NAC - http-redirect

immerm
Level 1

Hi,

I have a problem with the http redirect function; it doesn't work either from the ACS config or statically through an identity policy.

Does anyone have an idea what can be wrong?

Address : 172.16.88.28

Interface : Async80

AuthType : EAP

PostureToken : Quarantine

Age(min) : 0

URL Redirect : http://192.168.134.10/nac

ACL Name : #ACSACL#-IP-Quarantine-42763b00

Revalidation Period : 1800 Seconds

Status Query Period : 30 Seconds

Current State : AUTHENTICATED


pcomeaux
Cisco Employee

When I first tested URL redirects, mine did not work either.

The ACL that applies to the user (in this case, a DACL Quarantine ACL from ACS) needs to block the user's access to the intended web page for the URL redirect process to be invoked. If the user is permitted access to the URL they are attempting to go to by the ACLs that apply to them, the user will not experience the redirect.

The 2nd thing to check would be whether the same ACL permits access to the 192.168.134.10 server so that once the URL redirect process kicks off, the user will not be denied access to the URL that you are attempting to redirect to.

Please confirm these 2 items and then we can continue from there.

thanks

peter

Hi Peter,

The ACL used is permit ip any any now; I can go to the intended page as well as to the internet.

Michael

Hi Michael -

Ok - if you can go to the internet and the intended page and have NAC enabled, you are right - your URL redirects are not working.

You need to change the Quarantine ACL that is downloaded from the ACS server to deny the access for the URL redirects to work.

Does this help?

thanks

peter

Hi Peter,

- Yes, it really does.

Great thanks,

Michael
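
Added example, not part of the original thread and not Cisco code: a small first-match evaluator that runs the two checks from pcomeaux's first reply (intended page denied, redirect server permitted) against the "permit ip any any" ACL reported above and against a constructed quarantine ACL. The function names, the simplified ACL subset, the 203.0.113.80 test address and the quarantine ACL entries are assumptions made for illustration.

```python
# Added example: first-match evaluation of a quarantine ACL against the two
# checks from the thread. Handles only this subset of extended ACL syntax:
#   <permit|deny> <ip|tcp> any <any | host A.B.C.D> [eq <www | port>]

REDIRECT_SERVER = "192.168.134.10"  # host in the URL Redirect line of the post
INTENDED_PAGE = "203.0.113.80"      # constructed address standing in for any other site

def parse(entry):
    """Return (action, dst_host_or_None, dst_port_or_None) for one ACL line."""
    t = entry.split()
    if len(t) < 4 or t[0] not in ("permit", "deny") or t[1] not in ("ip", "tcp") or t[2] != "any":
        raise ValueError("unsupported entry: " + entry)
    if t[3] == "any":
        dst, rest = None, t[4:]
    elif t[3] == "host" and len(t) >= 5:
        dst, rest = t[4], t[5:]
    else:
        raise ValueError("unsupported destination: " + entry)
    port = None
    if rest:
        if t[1] != "tcp" or len(rest) != 2 or rest[0] != "eq":
            raise ValueError("unsupported port match: " + entry)
        port = 80 if rest[1] == "www" else int(rest[1])
    return t[0], dst, port

def decide(acl, dst, port=80):
    """Action for a TCP packet from the client to dst:port; first match wins."""
    for entry in acl:
        action, host, eq_port = parse(entry)
        if host in (None, dst) and eq_port in (None, port):
            return action
    return "deny"  # implicit deny at the end of every ACL

def redirect_checks(acl):
    """The two conditions: intended page blocked, redirect server reachable."""
    return {
        "intended_page_denied": decide(acl, INTENDED_PAGE) == "deny",
        "redirect_server_permitted": decide(acl, REDIRECT_SERVER) == "permit",
    }

OPEN_ACL = ["permit ip any any"]                        # ACL reported in the thread
QUARANTINE_ACL = ["permit tcp any host 192.168.134.10 eq www",
                  "deny ip any any"]                    # constructed ACL meeting both checks

if __name__ == "__main__":
    for name, acl in (("open", OPEN_ACL), ("quarantine", QUARANTINE_ACL)):
        print(name, redirect_checks(acl))
```

Entry order matters because the first matching line decides: placing the deny before the permit for the redirect server fails the second check.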
