Solved: Re: Eap Tls Wireless cisco ise 2.7 not working.

Tutu · ‎12-02-2020

Hello guys,

I am not able to have user and machine authentication for wireless users.

I keep getting these errors.

Please help.

Tutu · ‎12-03-2020

I think i might know what the issue is,

The machine is not able to authenticate using any connect and for some reason, the wireless can not connect without using anyconnect.

And under my user authorization profile, i have a condition for wasmachineauthenticated - true

So i will try again just with the user authentication.

View solution in original post

Marvin Rhoads · ‎12-03-2020

It looks like the tempadmin user is denied access. Check the Authorization result conditions to ensure they are granted access

24209 	Looking up Endpoint in Internal Endpoints IDStore - tempadmin
24211 	Found Endpoint in Internal Endpoints IDStore
24432 	Looking up user in Active Directory - TCRA-AD
24355 	LDAP fetch succeeded - tcra.go.tz
24416 	User's Groups retrieval from Active Directory succeeded - TCRA-AD
15048 	Queried PIP - TCRA-AD.ExternalGroups
15048 	Queried PIP - Normalised Radius.SSID
15016 	Selected Authorization Profile - DenyAccess
15039 	Rejected per authorization profile

Tutu · ‎12-03-2020

I think i might know what the issue is,

The machine is not able to authenticate using any connect and for some reason, the wireless can not connect without using anyconnect.

And under my user authorization profile, i have a condition for wasmachineauthenticated - true

So i will try again just with the user authentication.