10-20-2017 02:05 AM - last edited on 03-25-2019 10:29 PM by ciscomoderator
Hi,
our customer has few thousand of old Windows XP. After upgrading ISE 2.1.0.474 from patch 3 to patch 5. All of Windows XP was unable to authenticate with 802.1x - PEAP.
So, we have enabled weak ciphers. That really helps. BUT, it cause even bigger problem. All policy nodes (6 virtual ISE servers) started to reinitialize Application Server process. All policy nodes continuously reinitialize main process which caused them to disconnect from AD. After main process go back to normal running state. It all started again after maybe 3 minutes.
After turning off support for weak ciphers. All ISE nodes was stable again. We had to rollback to patch 3 so all XPs can authenticate.
Are you aware of such a problem? We are stuck on version ISE 2.1.0.474 patch 3. Thanks.
Solved! Go to Solution.
11-14-2017 01:09 PM
11-14-2017 01:09 PM
11-14-2017 11:05 PM
Yes, we are currently testing patch 6 and it looks like it helps. Hopefully it will work in customer environment also... Thanks.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide