cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
27159
Views
15
Helpful
15
Replies

ISE v1.2 - Endpoint abandoned EAP session and started new

dal
Level 3
Level 3

Hi.

I have lots of clients that are not able to log on to both wired and wireless networks, and they always fails with these errors.

5411 Supplicant stopped responding to ISE

5440 Endpoint abandoned EAP session and started new

This is with certificate authentication, both for client and for machine.

The clients are for the most part Windows 7.

We use both Cisco and Aerohive for wireless, and the switch I have tested with is a Cisco2960S

A few strange things:

It works perfectly for a lot of clients too, with the excact same configuration.

One PC I'm testing with works fine when authenticating via wireless, but when I plug it into the switch, I get these errors.

I seems to be a timeout of some kind, either to short or too long, but where?

In the Win7 supplicant?

In the switch?

In the Cisco WLC

or in the Aerohive AP?

I have spent hours and hours on this problem, but I can't make it go away, it is very exhausting.

There surely must have been others with the same problem?

Thank you.

15 Replies 15

Hi mukka,

I had this same prolbem this week and I finally found that bug:

https://quickview.cloudapps.cisco.com/quickview/bug/CSCuw91763

Disabling AES Key wrap in WLC all my authentications started to work perfectly.

I was debugging aaa in WLC finding this error "Rejecting Cisco MAC Attribute due to MAC mismatch" and googling it drived me to the bug.

Hope this helps.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: