Results

Authenticate devices using 802.1X using Ivanti Secure Access Client. For example, in the above configuration scenario, users will be assigned Limited access role if the Host Checker compliance fails. A sample screenshot of users trying to access the network using Ivanti Secure Access Client on windows platform is shown below.

You can verify the active users table to view the session details of the user. The user gets a limited access role.

For troubleshooting you can verify the user access logs.

Verify the Switch for the applied Filter-Id. In the below example, Filter-Id applied is non-compliant.

Interface: GigabitEthernet1/0/13

IIF-ID: 0x19C91A80

MAC Address: 0050.56bf.554f

IPv6 Address: Unknown

IPv4 Address: Unknown

User-Name: anonymous

Status: Authorized

Domain: DATA

Oper host mode: multi-host

Oper control dir: both

Session timeout: N/A

Common Session ID: 0A190FCA0000029B7A2669E1

Acct Session ID 0x0000000f

Handle: 0x6d00000f

Current Policy: POLICY_Gi1/0/3

Local Policies:

Service Template: DEFAULT_LINKSEC_POLICY_SHOULD_SECURE (priority 150)

Security Policy: Should Secure

Security Status: Link Unsecured

Server Policies:

Filter-ID: noncompliant

Method status list:

Method State

dot1x Authc Success

The user turn’s ON the Windows Firewall and the Host Checker policy passes and the user connection is successfully established.

You can verify the active users table to view the session details of the user.

For troubleshooting you can verify the user access logs.

Verify the Switch for change of Filter-ID to compliant.

Interface: GigabitEthernet1/0/13

IIF-ID: 0x11BB48C9

MAC Address: 0050.56bf.554f

IPv6 Address: Unknown

IPv4 Address: Unknown

User-Name: anonymous

Status: Authorized

Domain: DATA

Oper host mode: multi-host

Oper control dir: both

Session timeout: N/A

Common Session ID: 0A190FCA0000029C7A2CAD96

Acct Session ID: 0x00000010

Handle: 0x1a000010

Current Policy: POLICY_Gi1/0/3

Local Policies:

Service Template: DEFAULT_LINKSEC_POLICY_SHOULD_SECURE (priority 150)

Security Policy: Should Secure

Security Status: Link Unsecured

Server Policies:

Filter-ID: compliant

Method status list:

Method State

dot1x Authc Success