Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Posture validation in SOHO - Extended wireless from corporate

Hi,

 

I have a customer moving from Cisco NAC based solution to Cisco ISE.  NAC should be provided to wireless and the SOHO users(wireless).  We implemented airspace ACL on the Cisco ISE, which will push the ACL to wireless Aps(flexconnect acl) based on the posture validation. If the posture validation fails, ACL specific to a particular end point will be pushed into AP.

 However, the same airspace ACL is not working on the VPN routers(800 series). VPN routers integrated wireless solution doesn’t understand the airspace ACL av:pair and don’t think we can configure flexconnect ACLs on the SOHO routers. Do you think of anyother idea where we can enforce the ACL based on the posture validation?. Downloadable acl works on an interface. I don’t think it can be enforced on per-user basis.

Is there any way to push the ACL? Do posture validation & remediate the end point with limited access?

 

Pardon me for my gmail account. I  havnt received the BT id yet.

 

Thanks,

Ramesh

 

33
Views
0
Helpful
0
Replies
CreatePlease to create content