Hi all!Is it possible to configure ISE 1.3 for provisioning AnyConnect 4.0 and pushing certificate (as by using native supplicant)? So, after that, AnyConnect will be able to use EAP-TLS and cert for network access.It will be great, if it is possible...
Hi Tim,
If corporate subnet is 10.x.x.x.(guest+corp). How about the following:
permit 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 udp any dns
permit 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 udp dns any
deny 0.0.0.0 0.0.0.0 192.168.0.0 255.255.0.0 any any any
deny 0.0....
Marvin,yes, I'm aware of SCEP configuration in ISE, and it works fine with NSP. If using NSP, it will talk to ISE and provision certificate for the Windows client just fine. What I'm wondering is how to make it work without NSP, аnd with CPP for Anyc...
Thank you for your reply.Where can I read about how to do this?I can provision AnyConnect with client EAP-TLS authe and it works if there is existing certificate at client PC. If there is no certificate, NAM is not provisioning it to the client. Than...
