If you've configured the service to manage all interfaces, then you have to write policy around the VPN interface as well. Either set up Onboard to work with the VPN client properly or only manage the wired and/or wireless interfaces.
------------------------------
Carson Hulcher, ACEX#110
------------------------------
Original Message:
Sent: Nov 25, 2024 06:39 AM
From: Kenny_10_Bellys
Subject: OnGuard disconnects VPN users
Hi there. We've recently begun rolling out the OnGuard agent add-on to Clearpass and have hit a minor issue with laptop users. On site there are no issues; OnGuard works as expected and users either get a healthy token or are quarantined onto one of the quarantine VLANs I set up. The issue is when laptop users are off-site and use their Forticlient VPN client to join our network remotely.
When a user connects to one of our global gateways the OnGuard agent now sees the Clearpass cluster and runs the specified checks. It pops up a healthy status and immediately the VPN is dropped. I assume the agent is bouncing the connection and causing the disconnect. With the standard checks set to 10 minutes I basically cut off home users. I ended up changing the default check time to 8 hours so that it would only cause them to reconnect once in a standard work day and we still get a daily check on our rules.
Is there any way to prevent this disconnection of the VPN? The agent install is set to manage all interfaces including 'other' and is health check only, no authentication. We're currently running Win10. Thanks for any insight.