cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
14436
Views
0
Helpful
16
Replies

ISE 2.4 and Win10 issue - 5440 Endpoint abandoned EAP session and started new

agipkcoat
Level 1
Level 1

We faced with an issue 5440 Endpoint abandoned EAP session and started new

Use case: Corporate users using corporate machine – Dot1x authentication using certificates (User + Machine) EAP-FAST and Posture assessment

 

Network Devices:

Cisco WS-3750X - IOS 15.2(4)E7

Cisco WS-3650 - IOS 16.3.7

 

Deployment details:

ISE 2.4.0.357, Patch 1,2,3,4,5

AnyConnect module v.4.7.00136

Windows 7, 10.

 

Use case works perfect with 3650 switch IOS 16.3.7 on Win7 and Win10.

But if we trying to use 3750X with IOS 15.2(4)E7, we have a problems only with Win10 while Win7 works correctly. 

 

 

16 Replies 16

agipkcoat
Level 1
Level 1

While troubleshooting we mentioned that use case AnyConnect NAM: EAP-FAST(User and machine using EAP-MSCHAPv2) works fine.
But if we trying to configure Win10 supplicant to use EAP-TLS, so in this case authorization fails. Native supplicant also works fine with certs.
After reviewing DART file, we mentioned, that endpoint sends an error message: internal error 204 contact software manufacturer.
Does anyone have faced with the same issue?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: