Question on the new feature in 4.6 Management VPN Tunnel. Is there anyway to integrate this with ISE Posture/Compliance module? Example - only pre-connect PC via Anyconnect Management VPN Tunnel IF that PC has latest patches. Just like you could do with user initiated VPN tunnels.
Hi, No, posture would only work when the user is connected to the VPN tunnel. Normally the mgmt tunnel would not be allowed full access anyway, so limit what it can access with a DACL.
Hi, No, posture would only work when the user is connected to the VPN tunnel. Normally the mgmt tunnel would not be allowed full access anyway, so limit what it can access with a DACL.
The above aswer is incorrect. Posture can work for the management-tunnel like it does for a regular connection profile.
Getting Started
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:
