hi,
we have aruba controller and cisco swithc 3560with 12.2(58) version
i have done all wireless configuration its working good,and i have created posture for wireless connection als its working good
i want to create wired authentication for our emoloyee on cisco switch,authentication via our dc
and i dont want to install agent in our employee ps, i want the cisco switch to redirect them to onguard port and check ,
i have created wired service and policy , in the policy i have created a profile with cisco dacl template that check if the user is [user auth] and [mac auth] he will get ip any any acl
and another profile that chek for posture if its healthy
if all this match he will get full access
second rule:its check if the tips[user auth] and [mac auth],
and if the posture not healthy
i dont know which profile should i assign for the second rule,
if the user authenticated but its not healthy i want cisco switch to rdirect him onguard without installing agent and check his pc,
could you please tell me what configuration should i do on cisco and clearpass profile,
note:i dont want to redirect him to another vlan,, i want to use Dacl attr
thank you