About Kalipso

Kalipso · 10-02-2024

Hello, I'm working on a POC around posture, and we are using ISE for that. Basically we would like to have a dedicated subnet for non-compliant endpoints, another one for compliant endpoints. Now, when secure client connects the VPN, ISE sends the g...

Kalipso · 07-30-2024

Hello, I'm trying to implement Posture using Secure Client module in latest version. As there is no automatic remediation to force the update of our anti-malware solution, I wanted to test a power shell script. So I created a .ps1, signed with a co...

Kalipso · 02-20-2023

Hello, I'm looking for a way to have Anyconnect (NAM) detects classical hotspot captive portals from a corporate endpoint that has Proxy settings pushed by GPO. So basically users go remote, and sometimes they are located in airports or in hotels, wh...

Kalipso · 05-05-2022

Hello,I'm running 3.0 and since version 2.4, each time I perform a maintenance (either an upgrade, a patch, or a reboot), I loose the functionality offered by sponsor and guest portal certificates.They are still present in the configuration at the ri...

Kalipso · 10-05-2021

Hello,I'm trying to use Computer authentication with Azure AD.As Azure AD only works with SAML, and ROPC only allows EAP-TTLS ie user authentication , I'm looking into Intune as a MDM server.I've followed all the procedure here :https://www.cisco.com...

Kalipso · 10-03-2024

Hello @MHM Cisco World, yes sending group policy is ok during authentication/authorization phase. I confirm ACL and SGT work with COA. Sending another group policy is just not working with COA as @Rob Ingram mentioned.

Kalipso · 07-31-2024

So the fingerprint of the PSN admin certificate + code-signing certificate are present in the AnyconnectLocalPolicy.xml. I've no reason to doubt the signature block: my laptop policy is set to AllSigned and I'm able to execute the script from the lap...

Kalipso · 04-17-2023

Ok, so here are some of the points that blocked me. (I didn't even have the browser prompting) - DNS should be able to resolve : www.msftconnecttest.com/connecttest.txt, and ipv6.msftconnecttest.com/connecttest.txt - browser must be able to reach th...

Kalipso · 02-22-2023

Hello @Rodrigo Diaz, It appears that when I enable captive portal detection on NAM profile: when using wired, I've got a message "limited or no connectivity" when using wireless with captive portal, I can't connect, and I've got no browser prompted ...

Kalipso · 05-13-2022

We are not using wildcards, but sponsor and Guest portals share the same tag (and configured on the same interface). I inspected all the portals, and I can see that all of them are using in fact the same tag, but some are on different interfaces, do ...

Member Since	‎10-12-2017 05:36 AM
Date Last Visited	‎10-17-2024 02:09 AM
Posts	20
Total Helpful Votes Received	21

User Statistics

User Activity

Can ASA receive COA to make SecureClient change its VPN IP

Posture remediation script : integrity failed

Network Access Manager cannot detect captive portal through proxy

Need to reimport sponsor & Guest portal certificate after maintenance

Integrating ISE with Azure Intune as MDM

Re: Can ASA receive COA to make SecureClient change its VPN IP

Re: Posture remediation script : integrity failed

Re: Network Access Manager cannot detect captive portal through proxy

Re: Network Access Manager cannot detect captive portal through proxy

Re: Need to reimport sponsor & Guest portal certificate after main