any idea of this?
I mean everything i want to do is working fine
The only problem is that when the client is on a state that it unhealty or does not have any onguard installed i redirect him to a remediation webpage in which he can for example download the onguard installer if he doesnt have it(because is the first time he log in the network).
He actually has access to all the network
i bealvie is the cisco acl i got and i dont understand that acl how it works
it denying the access to the clearpass, but in the practice what it does it just redirect it to it, the problem is that i can do rdp to any server,
I can think of a solutino but it will take more work which is create a remediation vlan that will just have specific access to those resourses i want like clearpass in some ports, dns, and dhcp.
But i was thinking to do is just using the same vlan i was using but using the downloadble acls to restrict those access
Carlos