02-28-2018 03:12 PM
We have ISE 2.2 Patch 3 in AD forest.
Some initial configuration was done for us in the parent forest (parent.com), but now I want to authenticate/authorize users and computers in a child.parent.com domain.
A parent.com user and computer authenticate over wireless using 802.1x supplicant.
Issue (using the same computer as above): a user in child.parent.com cannot authenticate/access over wireless - wired is ok.
In the radius log, I see the hardware (host\computername) authenticate, but I don't see anything else in the log (no user info).
On the computer (Win7), if I try to connect to the SSID, starts to connect, then it fails to connect.
I am at a loss on where/how to dig into this.
thx-
02-28-2018 04:08 PM
Hi,
Please make sure the supplicant is configured for user/machine auth or what ever the settings you want to be. In your case, it looks like computer is doing a machine auth and not user auth.
Here is an article that may help you in that
Thanks
Krishnan
03-01-2018 05:01 PM
As you mentioned you are not seeing logs in ISE, it's likely that the wireless NAD not sending the requests to ISE at all. Thus, I would suggest to debug on the wireless NAD (WLC?).
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide