I am planning to use PEAP for machine authentication
I read that with PEAP, Machine authentication only happens at the Windows login.
if I use PEAP for machine authentication,what hapen if user open a session and have access on the network (machine and user authentication work) then user disconnect his network cable on the nerwork and reconnect it few hour or few day after : machine authentication will work ? or he should close Windows session and open it again ?
Cisco ISE specifies the allowable protocol(s) that are available to the network devices on which the user tries to authenticate and specifies the identity sources from which user authentication is validated.
• Enable PEAP Session Resume—Check this check box for the Cisco ISE to cache the TLS session that is created during phase one of PEAP authentication, provided the user successfully authenticates in phase two of PEAP. If a user needs to reconnect and the original PEAP session has not timed out, the Cisco ISE uses the cached TLS session, resulting in faster PEAP performance and a reduced AAA server load. You must specify a PEAP session timeout value for the PEAP session resume features to work.
• PEAP Session Timeout—Specifies the time in seconds after which the PEAP session times out. The default value is 7200 seconds.
• Enable Fast Reconnect—Check this check box to allow a PEAP session to resume in the Cisco ISE without checking user credentials when the session resume feature is enabled.