Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
568
Views
0
Helpful
0
Replies

Anyconnect Posture module

Oystein Berg
Level 4
Level 4

‎02-14-2014 09:28 AM - edited ‎02-21-2020 07:30 PM

Hi.

Im trying to figure out how to get the posture module working.

1. have adv. endpoint assessement.

2. Added posture as a module in the group policy. (Can see it installing in the anyconnect client)

3. Created a dynamic policy based on the example from Cisco.

Checking that the user is in group = test and adds the "lua" script to check if the users has AV installed. Seems like nothing is beeing checked in the LUA part of dynamic policies. Any ideas?

If i delete the LUA script the user gets denied, when i add it the user gets in without any problems without virus software installed.

LUA Script:

(assert(function()
            local block_connection = true
      local update_days = "15" --days
      local av_lastupdate = update_days*86400
      for k,v in pairs(endpoint.av) do
              if (CheckAndMsg(EVAL(v.exists, "EQ", "true", "string") and EVAL
                 (v.lastupdate, "LT", av_lastupdate, "integer"),
                       "",
                       k.." exists; but last update is greater than 15 days old. 
                           Expecting under 15 days.")) then
                       block_connection = false
              elseif (EVAL(v.exists, "NE", "true", "string")) then
              block_connection = true
              end
      end
      return block_connection
end)())

Where can i check if the client sen the parameters needed to run this script?

Regards Oystein   

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents