Authentication


	Details
		Source Timestamp : 2019-02-13 09:55:43.391
		Received Timestamp : 2019-02-13 09:55:43.391
		Policy Server : isepsn01
		Event : 5400 Authentication failed
		Failure Reason : 12951 Unexpected renegotiation received. Renegotiation is not supported in PEAP
		Resolution : Verify that supplicant is configured properly to conduct PEAP conversation with ISE. Verify that supplicant does not have any known compatibility issues and that it is properly configured. This is a known issue on Android when conducting PEAP conversation.
		Root cause : Unexpected renegotiation received. Renegotiation is not supported in PEAP
		Username : anonymous
		User Type : 
		Endpoint Id : 00:09:FB:A5:52:71
		Calling Station Id : 
		Endpoint Profile : 
		IPv4 Address : 
		IPv6 Address : 
		Authentication Identity Store : 
		Identity Group : 
		Audit Session Id : 05207d0a0030dadc83d8635c
		Authentication Method : dot1x
		Authentication Protocol : PEAP
		Service Type : Framed
		Network Device : ds-wlc-01
		Device Type : All Device Types#Cisco-WLAN
		Location : All Locations#DS
		NAS IPv4 Address : 10.125.32.5
		NAS IPv6 Address : 
		NAS Port Id : 
		NAS Port Type : Wireless - IEEE 802.11
		Authorization Profile : 
		Posture Status : 
		Security Group : 
		MapLocation : 
		MSE Server : 
		MSE Response Time : 
		Response Time : 1

	Result
		RadiusPacketType : AccessReject

	Other Attributes
		ConfigVersionId : 13
		Device Port : 55022
		DestinationPort : 1812
		RadiusPacketType : AccessRequest
		Protocol : Radius
		NAS-Port : 8
		Framed-MTU : 1300
		State : 37CPMSessionID=05207d0a0030dadc83d8635c;35SessionID=isepsn01/338733710/773820;
		Acct-Session-Id : 5c63d883/00:09:fb:a5:52:71/3346014
		Tunnel-Type : (tag=0) VLAN
		Tunnel-Medium-Type : (tag=0) 802
		Tunnel-Private-Group-ID : (tag=0) 2401
		undefined-89 : 05:
		undefined-131 : 
		Airespace-Wlan-Id : 18
		NetworkDeviceProfileName : Cisco
		NetworkDeviceProfileId : e3bdf7f4-ec5f-4169-b460-c146f25ac23c
		IsThirdPartyDeviceFlow : false
		RadiusFlowType : Wireless802_1x
		SSID : 00-5d-73-1e-b1-80:SLL-Access
		AcsSessionID : isepsn01/338733710/773820
		OpenSSLErrorMessage : SSL alert: code=0x228=552 ; source=local ; type=fatal ; message="handshake failure"
		OpenSSLErrorStack : 140003202889472:error:140A1159:SSL routines:SSL_BYTES_TO_CIPHER_LIST:scsv received when renegotiating:ssl_lib.c:1495:
		CPMSessionID : 05207d0a0030dadc83d8635c
		EndPointMACAddress : 00-09-FB-A5-52-71
		ISEPolicySetName : SLL_DS_WLAN_1x
		AllowedProtocolMatchedRule : SLL-DS-WLAN-Auth-dot1x
		StepLatency : 45=30903
		Controller : Controller#WLC
		Model Name : 8540
		Software Version : 8.2.151.0
		Location : Location#All Locations#DS
		Device Type : Device Type#All Device Types#Cisco-WLAN
		RADIUS Username : anonymous
		NAS-Identifier : ds-wlc-01
		Device IP Address : 10.125.32.5
		Called-Station-ID : 00-5d-73-1e-b1-80:SLL-Access
		CiscoAVPair : audit-session-id=05207d0a0030dadc83d8635c

	Steps
		11001 : Received RADIUS Access-Request
		11017 : RADIUS created a new session
		15049 : Evaluating Policy Group
		15008 : Evaluating Service Selection Policy
		15048 : Queried PIP - DEVICE.Location
		15004 : Matched rule - SLL-DS-WLAN-Auth-dot1x
		11507 : Extracted EAP-Response/Identity
		12500 : Prepared EAP-Request proposing EAP-TLS with challenge
		11006 : Returned RADIUS Access-Challenge
		11001 : Received RADIUS Access-Request
		11018 : RADIUS is re-using an existing session
		12301 : Extracted EAP-Response/NAK requesting to use PEAP instead
		12300 : Prepared EAP-Request proposing PEAP with challenge
		11006 : Returned RADIUS Access-Challenge
		11001 : Received RADIUS Access-Request
		11018 : RADIUS is re-using an existing session
		12302 : Extracted EAP-Response containing PEAP challenge-response and accepting PEAP as negotiated
		12319 : Successfully negotiated PEAP version 1
		12800 : Extracted first TLS record; TLS handshake started
		12805 : Extracted TLS ClientHello message
		12806 : Prepared TLS ServerHello message
		12807 : Prepared TLS Certificate message
		12810 : Prepared TLS ServerDone message
		12305 : Prepared EAP-Request with another PEAP challenge
		11006 : Returned RADIUS Access-Challenge
		11001 : Received RADIUS Access-Request
		11018 : RADIUS is re-using an existing session
		12304 : Extracted EAP-Response containing PEAP challenge-response
		12305 : Prepared EAP-Request with another PEAP challenge
		11006 : Returned RADIUS Access-Challenge
		11001 : Received RADIUS Access-Request
		11018 : RADIUS is re-using an existing session
		12304 : Extracted EAP-Response containing PEAP challenge-response
		12305 : Prepared EAP-Request with another PEAP challenge
		11006 : Returned RADIUS Access-Challenge
		11001 : Received RADIUS Access-Request
		11018 : RADIUS is re-using an existing session
		12304 : Extracted EAP-Response containing PEAP challenge-response
		12305 : Prepared EAP-Request with another PEAP challenge
		11006 : Returned RADIUS Access-Challenge
		11001 : Received RADIUS Access-Request
		11018 : RADIUS is re-using an existing session
		12304 : Extracted EAP-Response containing PEAP challenge-response
		12305 : Prepared EAP-Request with another PEAP challenge
		11006 : Returned RADIUS Access-Challenge
		11001 : 30903#Received RADIUS Access-Request
		11018 : RADIUS is re-using an existing session
		12304 : Extracted EAP-Response containing PEAP challenge-response
		12319 : Successfully negotiated PEAP version 1
		12805 : Extracted TLS ClientHello message
		12814 : Prepared TLS Alert message
		12817 : TLS handshake failed
		12951 : Unexpected renegotiation received. Renegotiation is not supported in PEAP
		12307 : PEAP authentication failed
		12305 : Prepared EAP-Request with another PEAP challenge
		11006 : Returned RADIUS Access-Challenge
		11001 : Received RADIUS Access-Request
		11018 : RADIUS is re-using an existing session
		12304 : Extracted EAP-Response containing PEAP challenge-response
		11504 : Prepared EAP-Failure
		11003 : Returned RADIUS Access-Reject
Profiler


	Details
		Source Timestamp : 2019-01-25 11:20:45.873
		Received Timestamp : 2019-01-25 11:20:45.874
		Policy Server : isepsn01
		Event : 80002 Profiler EndPoint profiling event occurred
		Mac Address : 00:09:FB:A5:52:71
		Endpoint Policy : Philips-Device
		Static Assignment : 
		Source : RADIUS Probe
		Oui : Philips Patient Monitoring
		Hostname : isepsn01.sec.sll.se
		Property : PolicyVersion=0,AuthenticationIdentityStore=Styx,AD-User-Candidate-Identities=sty_ds_mt_315408@styx.sll.se,EndPointPolicyID=cf876790-e0ef-11e3-af67-005056bf4689,DetailedInfo=Invalid username or password specified\, Retry is  allowed,AuthenticationMethod=MSCHAPV2,FirstCollection=1548411645865,CacheUpdateTime=1548411645872,StaticAssignment=false,User-Name=anonymous,NmapScanCount=0,SelectedAccessService=SLL_DOT1X,AD-Error-Details=Domain trust is one-way,NetworkDeviceName=ds-wlc-01,NAS-Port=8,DestinationIPAddress=131.205.14.39,AAA-Server=isepsn01,SelectedAuthenticationIdentityStores=HSNT05, Styx, Internal Users,Model Name=8540,Device Type=Device Type#All Device Types#Cisco-WLAN,Device IP Address=10.125.32.5,PortalUser=,AllowedProtocolMatchedRule=SLL-DS-WLAN-Auth-dot1x,Software Version=8.2.151.0,NetworkDeviceGroups=Location#All Locations#DS, Device Type#All Device Types#Cisco-WLAN, Controller#WLC,BYODRegistration=Unknown,Calling-Station-ID=00-09-fb-a5-52-71,Total Certainty Factor=10,Network Device Profile=Cisco,IdentityGroupID=6a9c7190-e0ef-11e3-af67-005056bf4689,PostureApplicable=Yes,NAS-Identifier=ds-wlc-01,NmapSubnetScanID=0,NAS-Port-Type=Wireless - IEEE 802.11,StepData=4= Normalised Radius.RadiusFlowType, 5= DEVICE.Location, 6=SLL-DS-WLAN-Auth-dot1x, 78= Network Access.EapTunnel, 79= Network Access.AuthenticationMethod, 80= Network Access.EapAuthentication, 81=SLL-DS-WLAN-Auth-MSCHAPv2, 82=SLL_Identity_Sequense, 83=HSNT05, 84=HSNT05, 85=sty_ds_mt_315408, 86=mta.karolinska.se, 87=mta.karolinska.se, 88=mtautv.karolinska.se\Domain trust is one-way, 89=hs.se\ 90=nts.sll.se\ 91=gaia.sll.se\ 92=sts.sll.se\ 94=ERROR_NO_SUCH_USER, 95=HSNT05, 96=Styx, 97=Styx, 98=sty_ds_mt_315408, 99=styx.sll.se, 100=styx.sll.se, 101=gaia.sll.se\ 103=STATUS_WRONG_PASSWORD\ERROR_INVALID_PASSWORD\sty_ds_mt_315408@styx.sll.se, 104=Styx,TimeToProfile=6,DeviceRegistrationStatus=NotRegistered,RadiusFlowType=Wireless802_1x,MatchedPolicyID=cf876790-e0ef-11e3-af67-005056bf4689,UserName=sty_ds_mt_315408,FeedService=false,StaticGroupAssignment=false,Controller=Controller#WLC,LastActivity=1548411645865,Response={RadiusPacketType=Drop; }LastNmapScanTime=0,EndPointMACAddress=00-09-FB-A5-52-71,UpdateTime=0,Location=Location#All Locations#DS
		Matched Rule : 
		Certainity Metric : 10
		IP Address : 
		Subnet : 
		NAD Address : 10.125.32.5
		User Agent : 
		Vlan : 
		Fqdn : 
		Nameserver : 
		Matched Policy : Philips-Device
		Action Name : 
		Identity Group : Profiled
		Time To Profile : 6