Re: I am seeing this error when a

cciesec333 · ‎09-17-2014

We have an ISE deployment for testing.

This is running v1.2.0.899.

We have an auth policy configured for domain-joined computers for 802.1x and domain credentials:

Condition: Wired_802.1X

Allow Protocols: PEAP_CHAPv2

Use: AD

This works, and authenticates both the machine (pre-login) and user (post-login).

However, I am seeing some errors int the Auth logs before the 5200 Authentication succeeded message.

These messages are not shown in the Cisco ISE Log Messages spreadsheet!

5441 Endpoint started new EAP session while the packet of previous EAP session is being processed. Dropping new session.

5405 RADIUS Request dropped

5440 Endpoint abandoned EAP session and started new

Venkatesh Attuluri · ‎09-17-2014

check the following link

https://supportforums.cisco.com/discussion/12303621/5440-endpoint-abandoned-eap-session-and-started-new#comment-form

Jimmy Johansson · ‎09-17-2014

I am seeing this error when a windows supplicant is booting up, we want them to use EAP-TLS. Before the GPOs has struck, they try to authenticate using EAP-PEAP on their own, which they aren't configured to do. Shortly after that, they send the EAP-TLS packets. After the supplicant has been authenticated, the 5440 error shows up but without affecting the authentication.

My guess is that this is the result of Windows behaviour. This generates a couple of "failed" authentications that in our case just confuse the costumer. I know this isn't an answer on your question, just my experience with the problem.

billywaiclassmate · ‎01-01-2018

I had same problem with you, could you have solution to fix it?

Saurav Lodh · ‎09-18-2014

Possibly a Bug CSCui21439

Known fixes on below release,

1.2(1.198)

1.2(0.903)

Tinaspears · ‎05-22-2015

cciesec333,

Were you able to correct this problem? We are experiencing the same problems.