Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
540
Views
0
Helpful
1
Replies

How does AnyConnect work with static IP addresses?

dgaikwad
Level 5
Level 5

‎12-22-2019 11:01 PM

Hi Experts,
In our environment, we have some endpoints that have been assigned static IP addresses.
Now, when it goes through compliance check, at that its in the limited access VLAN, but post compliance, as per posture profile, endpoint gets the production IP address.
But, what we are seeing is that, even post compliance, the user does get a pop-up indicating that its getting the full access, although the network address remains from the limited access VLAN...

The question is that, is there is configuration that I am missing from switch or from ISE or from AnyConnect perspective?

Labels:
0 Helpful
1 Reply 1

Mike.Cifelli
VIP Alumni
VIP Alumni

‎12-23-2019 05:51 AM

In your ISE Posture Agent Profile Settings that you configured in ISE under Policy->Policy Elements->Results->Client Provisioning->Resources there is a section named 'IP Address Change'. Ensure/try to enable 'Enable agent IP refresh'. The value should be set to yes.
0 Helpful
Customers Also Viewed These Support Documents