Tried to implement 1 day Posture lease time with 4 hours PrA.
If I switch on Reassessment Enforcement, and re-connect a Compliant machine again to net,
it is force a posture check every time.
At ISE posture logs I see a Compliant entry ("Bypass posture since the endpoint is compliant" ),
but immediately afterwards I see a
PRA INFO: PRA is starting
and after this the client preforms a complete re-check.
Please make sure the you have a authz policy with condition that includes session: Agent-request-type = Periodic reassessment.
Periodic reassessment requires machine to be compliant and also choose the appropriate option when configuring Periodic reassessment
from Administration>System>Setting>Posture>Reassessment, choose the enforcement type continue.
Retrieving data ...