The following environment is given:
Cisco Secure ACS 3.3 Solution Engine, Cisco Access Points 1231G, Cisco 2950 Switch,
Windows XP Clients (SP2) and an Active Directory user database. All components
can communicate with each other. Active Directory is connected with the ACS Server (with
the assistance of the Agent Software on a Member Server) and works.
We want to authenticate the Wired and Wireless Users with PEAP or EAP-TLS.
Basically the authentication of the Windows XP Users is successful against the
ACS Server which seeks the Users in the Active Directory.
But there is an unacceptable phenomenon in the authentication process.
I will describe this phenomenon:
When a Windows XP User enables his Wireless Card, the authentication process is
successful and he can work fine. Now, if this User deactivates his Wireless Interface
and activates the Wireless Interface again a moment later, the authentication process takes
a very, very long time. It seems as if the ACS Server doesn't recognize the new authentication
request. This problem happens with EAP-TLS and PEAP Authentication. And it happens over
Wired Ports (2950 Switch) and Wireless Cisco Access Points. We have also tested different Windows
Clients. My own Laptop works fine in other Customers' 802.1x-enabled environments! But there
I still have the same problem as the Customer's Workstations.
Maybe it is a caching problem of the user credentials on the ACS or something else!?