Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
378
Views
0
Helpful
2
Replies

MS Group policies and Clean Access

jbogdan
Level 1
Level 1

‎12-14-2005 07:52 PM - edited ‎03-10-2019 01:33 PM

I would like to know if there is a way to allow MS group policy traffic to pass through to a Clean Access protected PC. There is a need to push group policy traffic during boot of the PC and this PC sits on a Clean Access protected network. Also, these PC's will need to receive "pushed" AV updates from our server and will not necessary be "logged in" via Clean Access but will be attached to the network. Thank you.

Labels:
0 Helpful
2 Replies 2

kbeltz
Level 1
Level 1

‎12-20-2005 02:03 PM

Check group mappings for Network Admission Control (NAC) databases to verify that the correct user groups are associated with each system posture token (SPT). In the user groups configured for use with NAC, be sure that the Cisco IOS/PIX cisco-av-pair VSA is configured correctly. For example, in a group configured to authorize NAC clients receiving a Healthy SPT, be sure the [009\001] cisco-av-pair check box is selected and that the following string appears in the [009\001] cisco-av-pair text box

0 Helpful

jbogdan
Level 1
Level 1
In response to kbeltz

‎12-20-2005 06:06 PM

Being new to the system your help is appreciated.

We currently do not use mappings which I have to assume you refer to in the section User Management\Auth Servers\Mapping Rules. I will also assume this is an attribute and not a VLAN? What would be the attribute?

Finally, where do I find the [009\001] check box?

0 Helpful
Customers Also Viewed These Support Documents