cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1061
Views
0
Helpful
3
Replies

Error - EAP session abandoned

dgaikwad
Level 5
Level 5

Hi Experts,

We are in middle of a migration from Great Bay NAC to Cisco ISE.

There has been migration of about 10 sites now, during these migrations what I have observed is that, newly integrated switches show some of the endpoints showing multiple EAP session abandoned logs in the live logs.
What could be causing this issue?
Since I have cleared authentication sessions for these endpoints, as well as tried shut and no shut (during the change window).
The state of the errors does not change though.
Could you point me to further troubleshoot this issue and get to a possible resolution may be?

1 Accepted Solution

Accepted Solutions

You are correct that this is due to endpoints rather than NADs usually.

The steps section in an auth details report should give you more info. If an endpoint keeping giving you this error, you would likely need debugging on the endpoint supplicant.

View solution in original post

3 Replies 3

anshsinh
Cisco Employee
Cisco Employee

Hi Dgaikwad,

 

This error means that the NAD (switch /WLC) did not get a response back from ISE before its radius timer expired and hence it started a new radius access request but ISE was still processing the previous request and hence did not expect a new radius access request for same user .

 

You can check the radius time out value configured on switch , delay between ISE and switch .

 

You can also check on ISE which step taking more time to process causing the delay - ISE->Operations->Radius Live Logs->Detailed live log report .

 

Regards

What I have seen is that, this happens for some of the endpoints. While rest others are connecting without any errors being reported.
Could you point out what are the attributes that I need to lookout for in the live logs for this specific endpoint?

You are correct that this is due to endpoints rather than NADs usually.

The steps section in an auth details report should give you more info. If an endpoint keeping giving you this error, you would likely need debugging on the endpoint supplicant.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: