cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2747
Views
0
Helpful
3
Replies

[ISE]Issue with dot1x computer based auth and wol

Hello all,

We encounter an issue with the WOL fonctionnality and 802.1X using computer based authentication.

Network Wired card is an Intel I217-LM with WOL fonctionnality.

We are doing 802.1X computer based authentication connected to Cisco Switch and Cisco ISE 1.4 patch 4

Computer authentication works well when PC start, or when network cable is unplugged/plugged.

When PC wakes up from sleep, the network card doesn't run 802.1X, and Radius Server doesn't allowed this PC because of MAC unknown.

When we disable Wol fonctionnality from windows card configuration, and the PC wakes up from sleep, 802.1X is running and PC is allowed.

Does anyone have an Idea ?

PC : Windows 10 

Network card : I217-LM

Best regards,

Sebastien,

3 Replies 3

Have you tried to enable the authentication control-direction in under the Interfaces for those PCs.

Hi Mohamed,

Control-direction was already applied.

But we have found the solution :

When PC is shutdown, the network card is still talking. With 802.1X auth enable, the mac address of this card was  not allowed, so after multiple failure auth, mac address was "blacklisted" by the ISE (Supression is enable by default on ISE)

So we had do disable "suppress anomalous Client" in order to work !

Sebastien

Check for bios updates or nic driver updates fron your pc vendor.  The nic driver upon resume from sleep or hibernation should initiate a new eap session the re-authenticate under Windows in most conditions.