cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

406
Views
10
Helpful
2
Replies
Highlighted
Beginner

Eap Tls Wireless cisco ise 2.7 not working.

Hello guys,

 

I am not able to have user and machine authentication for wireless users.

I keep getting these errors.

 

Please help.

 

 

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

I think i might know what the issue is,

 

The machine is not able to authenticate using any connect and for some reason, the wireless can not connect without using anyconnect.

And under my user authorization profile, i have a condition for wasmachineauthenticated - true

 

So i will try again just with the user authentication.

View solution in original post

2 REPLIES 2
Highlighted
Hall of Fame Guru

It looks like the tempadmin user is denied access. Check the Authorization result conditions to ensure they are granted access

24209 	Looking up Endpoint in Internal Endpoints IDStore - tempadmin
24211 	Found Endpoint in Internal Endpoints IDStore
24432 	Looking up user in Active Directory - TCRA-AD
24355 	LDAP fetch succeeded - tcra.go.tz
24416 	User's Groups retrieval from Active Directory succeeded - TCRA-AD
15048 	Queried PIP - TCRA-AD.ExternalGroups
15048 	Queried PIP - Normalised Radius.SSID
15016 	Selected Authorization Profile - DenyAccess
15039 	Rejected per authorization profile

 

Highlighted

I think i might know what the issue is,

 

The machine is not able to authenticate using any connect and for some reason, the wireless can not connect without using anyconnect.

And under my user authorization profile, i have a condition for wasmachineauthenticated - true

 

So i will try again just with the user authentication.

View solution in original post

Content for Community-Ad