Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
28690
Views
15
Helpful
15
Replies

ISE v1.2 - Endpoint abandoned EAP session and started new

dal
Level 3
Level 3

‎01-23-2014 02:22 PM - edited ‎03-10-2019 09:19 PM

Hi.

I have lots of clients that are not able to log on to both wired and wireless networks, and they always fails with these errors.

5411 Supplicant stopped responding to ISE

5440 Endpoint abandoned EAP session and started new

This is with certificate authentication, both for client and for machine.

The clients are for the most part Windows 7.

We use both Cisco and Aerohive for wireless, and the switch I have tested with is a Cisco2960S

A few strange things:

It works perfectly for a lot of clients too, with the excact same configuration.

One PC I'm testing with works fine when authenticating via wireless, but when I plug it into the switch, I get these errors.

I seems to be a timeout of some kind, either to short or too long, but where?

In the Win7 supplicant?

In the switch?

In the Cisco WLC

or in the Aerohive AP?

I have spent hours and hours on this problem, but I can't make it go away, it is very exhausting.

There surely must have been others with the same problem?

Thank you.

11 people had this problem
Labels:
0 Helpful
15 Replies 15

alberx
Level 1
Level 1
In response to mukka

‎12-18-2015 02:02 AM

Hi mukka,

I had this same prolbem this week and I finally found that bug:

https://quickview.cloudapps.cisco.com/quickview/bug/CSCuw91763

Disabling AES Key wrap in WLC all my authentications started to work perfectly.

I was debugging aaa in WLC finding this error "Rejecting Cisco MAC Attribute due to MAC mismatch" and googling it drived me to the bug.

Hope this helps.

Customers Also Viewed These Support Documents