Security

Hi,

 

I have configured the wireless service will checks the user health and assigns the role based on the posture status. Here I am able to find the posture status of the endpoint using clearpass onguard agent. The clearpass is enforcing the healthy role post the successful check and the role is getting updated on the controller as well, but the issue is the user laptop is not getting changed to the health role, until the disconnection and connecting back to the wireless, the moment I disconnect the laptop and connect back it gets the healthy role.

 

Please help me….

Are you applying a role with a new vlan or just a firewall change

Hi,

 

Yes, I am sending a new role with new VLAN.

 

You need to make sure that you either add the CoA on the Health Service (If it is an Aruba controller or switch you need add Aruba terminate profile) or you can enable the Agent bounce if you are using the persistent agent.

Hi,

I have configured terminate session on the ClearPass if the agent updates the endpoint status as healthy, but still it’s not happening, if the user disconnects and connects back he is able to get the healthy profile.

 

I am using a persistent onguard agent on the endpoint, If I need to configure bounce, please let me know how I can configure.

 

Regards,

PRASANTH.

Create an Agent Enforcement Profile and Enable to Bounce Client and then you need to add this to the Posture Policy