Login scripts not running with AnyConnect NAM and ISE 1.2
I am using AnyConnect 3.1 NAM as my 802.1x supplicant for ISE 1.2. When users log in with EAP Chaining (User and Machine Auth), the login script seems hit or miss on if it runs to map their drives. If I uninstall the NAM client, they map drives every time. I would think that running a login script to map drives is a common scenario and I was wondering if anyone else using AnyConnect NAM was having similar issues or how they were dealing with it.
I'm having the same issue, but only when wired. I'm only using AnyConnect NAM for laptops at this time and when it's wireless, the login script runs fine. When wired, no login script even attempts to run. I don't know what the problem is.
I have the same issue and I solve the issue with change these parameters.
1.- You must change on configuration profile "before user logon". I have 5 seconds
2.- You must change on configuration profile "port authentication Exception policy" and you must enable checkbox "enable port exceptions" and select "allow data traffic before authentication"
3.- You must enable in the option of interface Ethernet Intel on PC "Wait for link" this option It's in "configured advanced of Intel. You must select "on" in this option.
4.- (this recommendation it was by Cisco)
Active Direct GPO has a setting "Computer Configuration\Administrative Templates\System\Logon\ Always wait for the network at computer startup and logon" that can be enabled to make the logon scripts wait till 802.1x authentication is completed.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :