cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
10706
Views
1
Helpful
3
Replies

5411 Supplicant stopped responding to ISE

ittechk4u1
Level 4
Level 4

Hello Guys,

 

I am using cisco 2802 AP as WLC and using ISE for AAA.

 

Clients should be authenticate by using EAP-TLS.

 

I am getting these errors:

 

5411 Supplicant stopped responding to ISE

 

12931 Supplicant stopped responding to ISE after sending it the first EAP-TLS message

 

can anyone guide...

Thanks in advance

1 Accepted Solution

Accepted Solutions

thomas
Cisco Employee
Cisco Employee

The endpoint is not trusting the ISE certificate.

You are probably using a self-signed certificate on ISE.

You will need to disable certificate validation on your endpoint supplicant (client) or get a properly signed certificate by your enterprise CA or public CA.

View solution in original post

3 Replies 3

Hi @ittechk4u1 ,

 to check what is going on during the process:

debug dot1x all

 

Hope this helps !!!

Mike.Cifelli
VIP Alumni
VIP Alumni

What supplicant are you using on your clients (NAM or native)?  Are they properly configured to support eap-tls onboarding? Can you share more detailed live logs so the community can gather more info and see steps?

thomas
Cisco Employee
Cisco Employee

The endpoint is not trusting the ISE certificate.

You are probably using a self-signed certificate on ISE.

You will need to disable certificate validation on your endpoint supplicant (client) or get a properly signed certificate by your enterprise CA or public CA.