05-16-2020 10:40 AM
Hello everyone,
I am having some issues with my dot1x configuration and was hoping to get some ideas on what the issue might be.... End points are configured with windows supplicant software, Cisco 9300 working as authenticator and Cisco ISE as authentication server. All devices have been configured, but here is the issue:
Every time I log into a workstation, and go to the NIC properties, it will show "attempting to authenticate" and will not complete the authentication until I either reset the NIC or I click switch user and log back in with the same user. Once I do one of those two things, the "windows security login" pops up asking for the credentials once again. Once I re-enter the credentials thats when the authentication is completed and the log appears in the ISE Radius Log as successful.
Any ideas why the "windows security login" doesnt appear without having to mess with the computer NIC?
05-16-2020 12:15 PM
Hello,
Could you please help give us a better understanding:
Thank you.
05-17-2020 09:20 AM
Hello.
I am using windows 10.
Authentication is PEAP-MSCHAPV2
I will get you the interface configuration tomorrow once I go into the office. It is a classified network so I dont have remote access.
Thanks for the help!
05-19-2020 04:22 PM
Hello,
Here is part of the configuration in the switch:
Switch# configure terminal
Switch(config)# dot1x system-auth-control
Switch(config)# aaa new-model
Switch(config)# aaa authentication dot1x default group radius
Switch(config-if)# switchport mode access
Switch(config-if)# dot1x pae authenticator
Switch(config-if)# dot1x port-control auto
Like I said, if I restart the NIC, it would go through and authenticate using 802.1x but not sure why it wont work without restarting the NIC everytime.
thanks
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: