Re: integration problems with ISE

jean-souza · ‎01-13-2026

Hello,

Could you please provide us with support? We are currently facing authentication issues with Cisco ISE after enabling biometric and facial recognition login for our users.

Since the biometric feature was enabled, we have noticed that Cisco ISE frequently keeps requesting authentication and, in many cases, ends up locking the user accounts.

Please note that:

The biometric service is fully operational and available to all users;
Biometric authentication is not integrated with Cisco ISE;
The external platform currently in use is Microsoft Intune.

Please find attached an image showing the Cisco ISE version in use:

ahollifield · ‎01-13-2026

This is 100% an endpoint problem. Not an ISE problem. What EAP method is used? EAP-TLS? TEAP? PEAP MS-CHAPv2? Something else?

The screenshot is for Cisco Secure Client, not ISE. But why are you using 5.0 and not 5.1?

jean-souza · ‎01-16-2026

The EAP method used is EAP-FAST. And the version of ISE is the one in the image below:

ahollifield · ‎01-16-2026

Why are you using EAP-FAST? Why not TEAP? Also that is an ANCIENT patch of 3.2. Please install the latest 3.2 patch before doing spending any more time troubleshooting this. Also: https://www.cisco.com/c/en/us/products/collateral/security/identity-services-engine/identity-service-engine-software-3-1-3-2.html

Again though, this is an endpoint configuration problem, not really an ISE problem.