cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2192
Views
0
Helpful
1
Replies

User Authentication Failed but Machine succeeded cisco ISE 2.7

Tutu
Level 1
Level 1

Hello All,

 

Today after a month of using ISE my users were not able to authenticate but machine authentication succeeded.

 

Please help.

 

This is the error i got from the live logs

 

Issued PAC type=Machine Authorization with expiration time: Wed Mar 24 20:12:17 2021

 

Can someone tell me what this means ?

1 Reply 1

ppreenja
Cisco Employee
Cisco Employee

Hello Tutu,

 

It seems that authorization conditions are not matching as expected.

You might be using host/machine-name as a condition which won't work when authenticating with certificates.

It is expected for EAP-TLS to have the username as host/anonymous since the identity is not yet protected.

I would suggest using the certificate attributes instead and hopefully, that should resolve the issue.

 

If you are still facing the issue, I would request you to post in the below community channel:

 

https://community.cisco.com/t5/network-access-control/bd-p/discussions-network-access-control 

 

Cheers,

Pratham