Network Access Control


NAC is blocking FTP all traffic & putting client m/c into default Quarantine location

  • 1.  NAC is blocking FTP all traffic & putting client m/c into default Quarantine location

    Posted Sep 17, 2010 04:30 AM
    Hi, I'm Sushant. I am trying to run a VBS script through NAC and then send the generated output txt file by FTP to a server. But when I run it through the NAC component, the first time the client m/c gets the default Quarantine, with the NTP log showing that outgoing traffic on port 21 is blocked, but after 5-10 seconds the script runs again, as host integrity is set for 1 min., and then it runs successfully. My doubt is that we have not blocked FTP for outgoing, so how to check and solve this? Please guide.


  • 2.  RE: NAC is blocking FTP all traffic & putting client m/c into default Quarantine location

    Posted Sep 17, 2010 04:52 AM
    How to check and resolve?


  • 3.  RE: NAC is blocking FTP all traffic & putting client m/c into default Quarantine location

    Posted Sep 17, 2010 04:44 PM

    Not 100% sure I am understanding your issue/question, but... When an endpoint fails HI, you are placed into the Quarantine Location. Then you use the policies there. In that location you have a FW policy, which is blocking. Same goes for the HI policy; it sounds like you have another HI policy in quarantine that is getting run separately...

    Turn on logging for rules in that FW policy in quarantine; note that not all rules log by default, or the log traffic would be high. If there are many clients in this group, create a debug group and place a small number of clients in it. If that is the issue, why is it being blocked?

     

    P

     



  • 4.  RE: NAC is blocking FTP all traffic & putting client m/c into default Quarantine location

    Posted Oct 09, 2010 08:17 AM

    Hi,

    It may be that your client machine does not comply with the policies you set to be checked by the DHCP plugin enforcer.

    You can add your FTP server in 'Automatic quarantine configuration' to avoid this failure.

    It may be possible that the DHCP plugin provides a quarantine IP address to the client in the beginning, as it needs to check the client status for compliance. You can also decrease the lease of the quarantine zone.