When using SSL VPN with NAC, we have NAC configured to assess and remediate AV signatures and OS updates with Windows SUS. The issue we have is the lenght of time it takes (never less than 90 seconds) for SUS to complete the assessment of the remote laptop and the WSUS server to respond with either no updates required or a list of update(s) to be downloaded and installed. According to the logs on the laptop, the SUS service assessing its own patches on the laptop is what takes so long to complete. We opened a call with MS and were told it is what it is.
Anyone else run into this? Anyone know of a way to speed up this process? It works great, but users are frustrated and don't like it because it takes a minimum of 2 minutes to connect with SSL VPN because of our NAC requirements.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...