Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
As Colby mentioned, do not put a PSN in the Discovery Host field. AnyConnect uses a process to "discover" the hosting PSN to trigger posture to start.Discovery host is the first method tried before falling back to other methods such as default gatewa...
Theres quite a bit of information needed to help here.Is the new PSN across a WAN from the PAN?Is it behind a firewall from the PAN? To start, you need to ensure you have the following ports open bi-directionally between your nodes:HTTPS (SOAP): TCP/...
You can make a custom authz result that pushes the redirect ACL and redirect URL avpairs to push to whatever page you want.Access Type = ACCESS_ACCEPTcisco-av-pair = url-redirect-acl=ACL_WEBAUTH_REDIRECTcisco-av-pair = url-redirect=https://whateverpa...
Please share your auth rules to be sure your 802.1x rule does not have any coorelation with MAB. Really though, wifi should only be doing MAB or dot1x, not both. If you want to use dot1x, please ensure MAC filtering is disabled on the wlan.
