Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
2601
Views
16
Helpful
1
Comments

Cisco ISE Posture Assessment with Aruba Wireless AP

Mitesh Manwatkar
Level 1
Level 1

on ‎01-15-2022 12:46 AM

Hello All, Recently I got an opportunity to perform POC with Cisco ISE (2.7 Patch 4) and Aruba Wireless AP (IAP) to perform 802.1x EAP-FAST (machine + user) authentication followed by Posture Assessment on Windows 10 Machines (installed with AnyConnect 4.9 NAM , Posture and compatible compliance module) I was able to perform all the requirements of client successfully. Most challenging part of to achieve seamless posture assessment using dynamic URL redirect. Attaching the document which can guide everyone to configure the same. Hope it helps. Regards, Mitesh Manwatkar

Aruba_Wireless.zip
185 KB
Comments
Lalit.Teotia
Level 1
Level 1
‎05-26-2023 09:58 AM

Hi @Mitesh Manwatkar 

Thank you for sharing the guides.

Would you mind attaching Aruba side configs like Wi-Fi SSID and Aruba Role configs?

Have you defined ISE PSN FQDN in the "Call Home" list?  

I have tried the suggested configs but facing issue with ISE PSN discovery.

URL redirect to ISE CPP portal is working but Cisco Anyconnect Agent could not detect ISE PSN and it stays at "No Policy Server" detected. 

If i copy ConnectionData.xml file at C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\ISE Posture\ path then Cisco Anyconnect Client Discovers ISE and Posture is successful.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents