06-23-2022 05:58 AM
Hello,
In my environment, Cisco ISE 2.2 is being used as the RADIUS authentication server for a WLAN that uses WPA2 and 802.1X for authentication. On Cisco ISE, Network Access Users have been created for the users using that WLAN who basically use a Username and Password created for them.
Several times a day, the users are being disabled on ISE and as a result they cannot authenticate. In the RADIUS log, I see these messages:
Source Timestamp | 2022-06-23 07:33:08.583 |
Received Timestamp | 2022-06-23 07:33:08.583 |
Policy Server | <ise-node-name> |
Event | 5400 Authentication failed |
Failure Reason | 24206 User disabled |
Resolution | Check whether the user account in Internal database is enabled |
Root cause | User marked disabled in Internal database. |
As a solution, I am having to enable the users manually.
Are any of you having similar issue? Is there any workaround for the remediation?
Any suggestion would be highly appreciated.
BR
Solved! Go to Solution.
07-05-2022 10:55 PM
There are no real details to under HOW the users are getting disabled.
Since there are no logs or other details, I suggest creating a TAC case to see if they can troubleshoot this problem.
06-23-2022 07:12 AM
- Check these threads , they may provide hints :
https://community.cisco.com/t5/wireless/cisco-ise-issue-24206-user-disabled/td-p/2453846
Also note your ISE version is getting quite old, this may also lead to incompatibilities with software version(s) on NAD's (controllers and switches). Take note of this link for future references :
https://community.cisco.com/t5/security-documents/ise-version-upgrade-matrix/ta-p/3653501
M.
07-05-2022 10:55 PM
There are no real details to under HOW the users are getting disabled.
Since there are no logs or other details, I suggest creating a TAC case to see if they can troubleshoot this problem.
07-06-2022 11:46 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide