View Only
last person joined: 2 days ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

Trouble with ClearPass (CPPM) and AnyConnect SSL-VPN connection

This thread has been viewed 14 times
  • 1.  Trouble with ClearPass (CPPM) and AnyConnect SSL-VPN connection

    Posted Nov 28, 2022 04:39 AM


    I have problem with configuring AnyConnect SSL-VPN with ClearPass (CPPM).

    I have to set up checking compliance with the requirements when connecting remote employees. And if they don't compliance the requirements, they need to be quarantined Lan.

    When employees connect to the network through AnyConnect, because they have not yet been verified, they are assigned the status "Unknown" in OnGuard . And they are placed in the "quarantine" group. After that, OnGuard connects to CPPM and changes the status to "Healthy" in OnGuard .
    After that, the user have to leave the "quarantine" group and have to assing in his group.
    User cann't reuthentication automaticly after the status change. As if the VPN connection events and the compliance check are different events.

    Has anyone done this? How did you do that?

    I use CPPM - 6.10.7, AnyConnect - 4.6, ASA - 9.9.