Network Access Control

Hello,

Someone please help...I am using (or trying to use) a DHCP enforcer...the log in my clients show Host integrity check disabled and I don't know why. If I create a policy for the client to fail the client shows Network Access Control Allowed but it receives a quarantine IP.

I have also noticed in General Information within Troubleshooting in the client that Security Policy Compliance is Disabled and SNAC status is unknown or not connected...but the communicatino with the SEPM is fine.

Any ideas anyone?

First off, let me say I am not an expert with the DHCP enforcer. There are very few users in the community that have experience with this product.

I will try and help if I can.

What version is your SEPM? What version Enforcer are you running?

Best,

Thomas

The information you have provided is too general to determine the best troubleshooting path.

You would need to verfiy enforcer connectivity to the manager

You would need to check the agent profile settings

You would need to verify the DHCP production and quarantine scope settings set in the managment console are correct

The fontline team for SNAC should be able to walk you through configuration issues.  If you can focus your question a bit more, we might be able to help you here on the forums.

hi,

If the problem is still there, can you please check the settings on SEPM for HI policy whether it is set to 'never check host integrity'. if it remove the check from it and set it agains the 'when connect to DHCP'.