Hi, I'm fairly new to anything beyond CCNA topics, and was hoping someone might have a clue about this.
I'm trying to get a new client VPN profile set up on an ASA 5545, and have based it on an existing working profile - new connection profile, new group policy, new DAP entries, but almost exactly identical. The problem is, any connections on the new profile are getting dumped into my catch-all no-access policy, despite the DAP having the same requirements as the original working one. In the AnyConnect logs from my test client, it doesn't look like a posture assessment is happening at all, which would explain what policy is being applied, but.. am I just missing somewhere where you tell a profile to scan a client? I haven't found a guide to setting up hostscan that mentions any config specific to a tunnel-group. Thanks for any ideas!
No comments:
Post a Comment