Trusted Contributor I

OnGuard health checking enforcement policies

if I run the OnGuard agent in health checking only mode (bit of a shame that with authentication and health checking I need to enter credentials again and they can't be taken from system) I see the requests nicely in the ClearPass (defined a corresponding web auth health check only service) and the settings to check match perfectly with the client devices


but the enforcement part is an issue. so far the only working action seem to be to bounce the interface on the client via the agent enforcement profile. which is nice to see working but then the client just connects again and everything starts over.


i would like to do something with the VLAN, for example with radius CoA / SNMP / CLI / ... but how can I make the link between the device / port where the client is connected from in the ClearPass.


any other options are welcome also, anyone here experience have with this?