Hello,
We have ISE 1.2 patch 14 running. We are getting a lot of failed authentications. I found a handful of PCs that are failing, and the failing authentication is not the issue. The problem is that they continuously try to re-authenticate, ever few minutes. I checked the authorization profile they are hitting and Reauthentication checkbox is not selected. The port this one PC is connected to had the command 'authentication timer reauthenticate server'. In testing I changed this to 'authentication timer reauthenticate 14400' (4 hours) but the PC still tries to authenticate every couple minutes. What am I doing wrong or what am I missing??
This is the entire port config:
interface GigabitEthernet1/6
switchport
switchport access vlan 200
switchport mode access
ip access-group ACL-ALLOW in
authentication event server dead action authorize
authentication event server alive action reinitialize
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate 14400
authentication violation restrict
mab
snmp trap mac-notification change added
snmp trap mac-notification change removed
dot1x pae authenticator
spanning-tree portfast edge
ip dhcp snooping limit rate 15
end
Thanks.