cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
6440
Views
0
Helpful
6
Replies

5400 Authentication failed Windows 10 clients

InfraISE2020
Level 1
Level 1

Hi,

 

We have recently come across an issue where our Windows clients are getting prompted to enter a username/password when connecting to our corporate network. Nothing has been changed on our environment and its been working fine until a few weeks ago. The only change is users have been upgraded to Windows 10 1909, nothing has changed on ISE.

 

I have looked through the logs and we're getting an event "5400 Authentication Failed" & "11514 Unexpectedly received empty TLS message; treating as a rejection by the client", screenshot of the error attached.

 

Has anyone else come across this issue and have you been able to resolve it.

 

Thanks in advance.

Ashley

1 Accepted Solution

Accepted Solutions

Mike.Cifelli
VIP Alumni
VIP Alumni

Please share your native supplicant configuration from one of the clients.  AFAIK this error is typically from the following:

-The supplicant/client machine is not accepting ISE cert

-Supplicant is configured to validate server cert. However, it does not trust the ISE cert presented

Which is causing ISE to treat it as rejected.  Please verify if you have validate server cert configured/enabled in supplicant setup.  Also, ensure that the cert chain is imported on the client side so that the presented ISE cert is trusted.  HTH!

 

 

View solution in original post

6 Replies 6

Hi @InfraISE2020 ,

 if you are using AnyConnect as a Supplicant ... please take a look at the Event Viewer > Applications and Services Logs > Cisco AnyConnect Secure Mobile Client for any issues during the process.

 

Hope this helps !!!

Hi @Marcelo Morais 

 

We aren't using anyconnect, were just using 802.1x from Cisco Meraki to ISE and the clients have a standard windows 10 802.1x wlan profile configured for them to connect to the SSID. 

 

Any ideas?

marce1000
VIP
VIP

 

 - What type of authenticating servers are being used, and what's in the their logs for these auth-attempts ?

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !

Hi @marce1000 

 

Thanks for the quick response. We are using 802.1x from Meraki to ISE and the clients are using a windows 802.1x WLAN profile to connect to the SSID.

 

Could you confirm what logs you're referring to and i will provide an output of them?

 

Thanks

 

Mike.Cifelli
VIP Alumni
VIP Alumni

Please share your native supplicant configuration from one of the clients.  AFAIK this error is typically from the following:

-The supplicant/client machine is not accepting ISE cert

-Supplicant is configured to validate server cert. However, it does not trust the ISE cert presented

Which is causing ISE to treat it as rejected.  Please verify if you have validate server cert configured/enabled in supplicant setup.  Also, ensure that the cert chain is imported on the client side so that the presented ISE cert is trusted.  HTH!

 

 

Please check ISE system certificate validation.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: