
Posture ISE and AnyConnect, ERR "5238 Endpoint authentication problem was fixed"

Hello everyone, who can help me?

 

Products used:

AnyConnect version 4.7.136.0

ISE version 2.4

Compliance module Windows 4.3.642.6144

Problem description: 5238 Endpoint authentication problem was fixed

Before the posture and AnyConnect configuration, MAB and dot1x authentication worked correctly, even with both devices (telephony and workstation) on the same port.
After the posture and AnyConnect configuration, the switch shows 'auth failed' and the live log shows '5238 Endpoint authentication problem was fixed'.

Port configuration:

description ise dot1x-MAB port
switchport mode access
switchport voice vlan 100
authentication control-direction in
authentication event fail action next-method
authentication event server dead action reinitialize vlan 1
authentication event server dead action authorize voice
authentication event server alive action reinitialize
authentication host-mode multi-domain
authentication open
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
authentication timer reauthenticate server
authentication violation replace
mab
dot1x pae authenticator
dot1x timeout tx-period 1
dot1x timeout supp-timeout 3
dot1x max-req 3
dot1x max-reauth-req 5
spanning-tree portfast

1 Accepted Solution


hslai
Cisco Employee

This message is part of an ISE feature to suppress repeated failures but does not indicate the failure itself. In order to understand this, please review slides 305 ~ 308 of Advanced ISE – Architect, Design and Scale ISE for your production networks - BRKSEC-3432 2019 San Diego.

After an endpoint is jailed due to repeated failures and the same supplicant then passes authentication, it is unmarked as misconfigured by firing the message:

5238 Endpoint authentication problem was fixed
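
A triage sketch for the point made in the answer above (an added example, not part of the original post and not Cisco tooling): because 5238 only marks the end of a suppression period, it looks back for the failure records of the same endpoint, which are the ones to investigate. The record layout, the FAIL/PASS/INFO status field and the F-001, F-002 and P-001 codes are constructed for illustration and are not an ISE export format; only 5238 and its text come from the page.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

FIXED_CODE = "5238"  # "Endpoint authentication problem was fixed" (from the page)

# Constructed sample records: time, endpoint MAC, status, code, message.
# The layout and the F-/P- codes are assumptions, not real ISE output.
SAMPLE = """\
2019-07-01T09:00:05 AA:BB:CC:00:00:01 FAIL F-001 constructed failure reason A
2019-07-01T09:00:09 AA:BB:CC:00:00:01 FAIL F-001 constructed failure reason A
2019-07-01T09:00:12 AA:BB:CC:00:00:02 PASS P-001 constructed pass
2019-07-01T09:00:14 AA:BB:CC:00:00:01 FAIL F-002 constructed failure reason B
2019-07-01T09:05:40 AA:BB:CC:00:00:01 PASS P-001 constructed pass
2019-07-01T09:05:40 AA:BB:CC:00:00:01 INFO 5238 Endpoint authentication problem was fixed
2019-07-01T11:30:00 AA:BB:CC:00:00:03 INFO 5238 Endpoint authentication problem was fixed
"""

def parse(text):
    """Yield (time, mac, status, code, message) from the constructed layout."""
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, mac, status, code, msg = line.split(None, 4)
        yield datetime.fromisoformat(ts), mac.upper(), status, code, msg

def root_causes(text, window=timedelta(hours=1)):
    """For each 5238 event, count the failure codes logged for the same
    endpoint within `window` before it. An empty result means the failures
    lie outside the records supplied, so the search has to be widened."""
    failures = defaultdict(list)  # mac -> [(time, code)]
    report = []
    for ts, mac, status, code, _ in sorted(parse(text), key=lambda r: r[0]):
        if status == "FAIL":
            failures[mac].append((ts, code))
        elif code == FIXED_CODE:
            # Consume the pending failures so a later 5238 starts clean.
            recent = [c for t, c in failures.pop(mac, []) if ts - t <= window]
            report.append({"mac": mac, "fixed_at": ts.isoformat(),
                           "failures": dict(Counter(recent))})
    return report

if __name__ == "__main__":
    for entry in root_causes(SAMPLE):
        print(entry)
```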

 
