Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
175
Views
0
Helpful
1
Replies

Cisco ISE can not get endpoint profile Iphone connect through VPN

Da ICS16
Level 1
Level 1

‎07-09-2024 12:46 AM - last edited on ‎07-09-2024 01:40 AM by Community Manager

Dear Community,

We have facing an issue with Cisco ISE can not get endpoint profile from iPhone device which connected through VPN (Anyconnect Client VPN). We have tried to create custom profiling condition and profiling policy, but seem no help. We would need your assistance to troubleshooting this issue.

New Profiling Condition:

-Attribute Name: device-platform

-Operator: CONTAINS

-Attribute Value: apple-ios

 But, we can get the endpoint profile from Android Phone.

Purpose: can review VPN mobile when user try connect via phone ( IOS and Android ). It would be grate if we can apply posture check to deep dive secure on it.

Well appreciated for your commend and supporting.

Best Regards,

 

 

 

Labels:
0 Helpful
1 Reply 1

ccieexpert
Level 4
Level 4

‎07-09-2024 07:52 PM

take a look at this:

https://community.cisco.com/t5/network-access-control/ise-not-profiling-iphone-via-vpn-using-acidex/td-p/4038830

i think the MAC is still not send.. so it may not be profiling.. but look at the authorization rule you can assign based on other attributes..

0 Helpful
Customers Also Viewed These Support Documents