Have machine authenticate and dot1x with session timeout 10800. CPPM behaves that whenever timeout is finished, client goes quarantine vlan, then web auth starts for posture check, lastly if it is healthy goes full access vlan. It is not good for employees, because when employees work, suddenly connection is lost about 30-45 seconds even if it was on access vlan.
An other issue is; our onguard run as BothServiceAndAgent. When user connects his/her client, onguard immediately starts health check, and client goes inaccessable about 10 - 15 seconds (5-6 packet loss) if it is healthy. Similarly user disconnect his/her PC same things happen.
When client is disconnected not signed out, Onguard is still running, but not trigger any new web auth periodically. After client connect, it will trigger immediately. From this behavior as we understand onguard does not trigger a web auth without user connected if any health check interver set.
I want to configure 2 things;
Run health check every 1 hour without any network connectivity lost. I mean without any COA after web auth. Only if client is not healthy, COA should send client to quarantine vlan.
When user connect or disconnect on his/her machine, PC will not be interrupted.
Is there any way to configure these? I am waiting for your help.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.