https://community.cisco.com/t5/network-access-control/rdp-session-usign-machine-credentials-against-user-credentials/m-p/4124395#M561891 <P>Can someone please help me out with this issue i am trying to figure it out.</P><P>Ver: ISE 2.4</P><P>802.1x</P><P>Authentication: PEAP</P><P>Authorization: AD User / MSCHAPv2</P><P>&nbsp;</P><P>When i login at workstation, policy works fine and correct DACL is applied and user gets appropriate network access. But when same user RDP into that machine with same credentials, authentication passed to ise is machine authentication against user credentials and so default DACL is applied, in our case we have set it to domain controller and internet only.</P><P>&nbsp;</P><P>Is there anyone with same issue, if yes how can we have user access workstation with RDP session and policy works same way.</P><P>&nbsp;</P><P>Thank you</P> Thu, 23 Jul 2020 17:26:29 GMT FaneelChristian 2020-07-23T17:26:29Z https://community.cisco.com/t5/network-access-control/rdp-session-usign-machine-credentials-against-user-credentials/m-p/4124395#M561891 <P>Can someone please help me out with this issue i am trying to figure it out.</P><P>Ver: ISE 2.4</P><P>802.1x</P><P>Authentication: PEAP</P><P>Authorization: AD User / MSCHAPv2</P><P>&nbsp;</P><P>When i login at workstation, policy works fine and correct DACL is applied and user gets appropriate network access. But when same user RDP into that machine with same credentials, authentication passed to ise is machine authentication against user credentials and so default DACL is applied, in our case we have set it to domain controller and internet only.</P><P>&nbsp;</P><P>Is there anyone with same issue, if yes how can we have user access workstation with RDP session and policy works same way.</P><P>&nbsp;</P><P>Thank you</P> Thu, 23 Jul 2020 17:26:29 GMT https://community.cisco.com/t5/network-access-control/rdp-session-usign-machine-credentials-against-user-credentials/m-p/4124395#M561891 FaneelChristian 2020-07-23T17:26:29Z https://community.cisco.com/t5/network-access-control/rdp-session-usign-machine-credentials-against-user-credentials/m-p/4124677#M561898 <P>This is a design limitation in the Windows supplicant. See the following document for more information and suggestions.</P> <P><A href="https://www.ise-support.com/2019/02/05/windows-rdp-and-802-1x-authentications/" target="_self">Windows RDP and 802.1x Authentications</A>&nbsp;</P> Thu, 23 Jul 2020 23:56:39 GMT https://community.cisco.com/t5/network-access-control/rdp-session-usign-machine-credentials-against-user-credentials/m-p/4124677#M561898 Greg Gibbs 2020-07-23T23:56:39Z