Saturday, December 6, 2014

802.1x vs Symantec Endpoint

Recently I have been on a BYOD/Enterprise mobility project.
As part of this project we are deploying Cisco ISE.

At first the network engineer could not work out why the authentication box was missing need to start the wire, so my problem:

Could not get the SOE\MOE device to authenticate against the switch. Basically the prompt for auth would never happen. Stock devices were okay.

Pretty sure it was Symantec Endpoint.

Symantec couldn't understand the difference between Symantec NAC and Cisco ISE. Sigh. I repeated myself about 20 times.
All I got was articles about Symantec NAC.
When Symantec looked at the policies they didn't check what policy was being used on the device. (I am not an AV engineer.)

The default firewall policy has a bunch of exceptions at a very low level to allow the 802.1x requests. Once I added these into the policy, everything worked. :)
