Accepted Solutions
Sounds to me as if your LDAP integration is perhaps not working as expected. You would need to share some more details about how you integrated the LDAP, and the various tabs of the config that relate to that. I have set it up myself in the past and it's a fiddle job to get the parameters right (AD is plug and play, but with LDAP you have to be very prescriptive and exact).
Does the bind from ISE to LDAP success?
If your Subject Search Base and Group Search Base is setup correctly then you should be able to Retrieve Groups from Directory as a confirmation.
The wireshark doesn't tell us much - if you still have the pcap file, add an OR filter to include ldap - let's see what's going on there. And the ISE Live Logs must be showing the access-request at least, or else you have some suppression enabled that is blocking it. Disable it temporarily for testing
Admin -> System -> Settings ->Protocols -> RADIUS and then uncheck the "Suppress repeated failed auths"
Sounds to me as if your LDAP integration is perhaps not working as expected. You would need to share some more details about how you integrated the LDAP, and the various tabs of the config that relate to that. I have set it up myself in the past and it's a fiddle job to get the parameters right (AD is plug and play, but with LDAP you have to be very prescriptive and exact).
Does the bind from ISE to LDAP success?
If your Subject Search Base and Group Search Base is setup correctly then you should be able to Retrieve Groups from Directory as a confirmation.
The wireshark doesn't tell us much - if you still have the pcap file, add an OR filter to include ldap - let's see what's going on there. And the ISE Live Logs must be showing the access-request at least, or else you have some suppression enabled that is blocking it. Disable it temporarily for testing
Admin -> System -> Settings ->Protocols -> RADIUS and then uncheck the "Suppress repeated failed auths"
