Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7656
Views
0
Helpful
3
Replies

Authentication method is not supported

gasliu
Level 1
Level 1

‎02-23-2016 02:38 AM

Hi Experts,

I have a customer is using 802.1x with AD on ISE 2.0. But the authentication is constantly failed. The Failure reason shows on log as “22064 Authentication method is not supported by any applicable identity store(s)” .

Do you have any experience on it? The customer is using PEAP (MSCHAPv2) as authentication protocol.

Thank you for your help.

2 people had this problem
0 Helpful
3 Replies 3

Jason Kunst
Cisco Employee
Cisco Employee

‎02-23-2016 03:29 AM

Sounds like they are not setup in there authentication policies with an identity store mapped to the protocol they are using

If using AD should connect domain and choose appropriate groups

https://www.google.com/search?site=&source=hp&ei=9EPMVuPFIIX0jgSd07GIAw&q=22064+authentication+method+is+not+supported+b…

Customer should be contacting TAC if this is production issue

0 Helpful

Timothy Abbott
Cisco Employee
Cisco Employee

‎02-23-2016 08:04 AM

There are a couple things you can check:

1. Make sure ISE is joined to AD and security groups are added

2. Ensure that PEAP (MSCHAPv2) is checked in Allowed Protocols

3. Verify that AD is referenced for Wired 802.1X in authentication policy

ISE has intelligent defaults for wired and wireless 802.1X so building authentication policy from scratch should not be needed.

Regards,

-Tim

0 Helpful

gasliu
Level 1
Level 1
In response to Timothy Abbott

‎02-23-2016 02:22 PM

Hi Timothy,

The things you mentioned I have already checked.

Best Regards,

Gaspard Liu (刘洪曦) .:|:.:|:.

CCIE Wireless

Travel Plan:

0 Helpful
Customers Also Viewed These Support Documents