
Supplicant stopped responding to ISE

hs08
VIP

Does anyone know how to fix the error 'Supplicant stopped responding to ISE'? I tried to increase the 802.1x timer but it is not helping.

When we use EAP-TTLS, is it mandatory that the ISE certificate be applied on the endpoint?

 

Event: 5411 Supplicant stopped responding to ISE
Failure Reason: 12981 Supplicant stopped responding to ISE during EAP-TTLS tunnel establishment
Resolution: Verify that supplicant is configured properly to conduct a full EAP conversation with ISE. Verify that NAS is configured properly to transfer EAP messages to/from supplicant. Verify that supplicant or NAS does not have a short timeout for EAP conversation. Check the network that connects the Network Access Server to ISE.
Root cause: Supplicant stopped responding to ISE during EAP-TTLS tunnel establishment

Why are you using EAP-TTLS? TTLS is not encrypted. Yes, you still need to trust the ISE EAP certificate on the endpoint.

Hi @ahollifield

Is the ISE EAP certificate that should be installed on the machine the 2nd certificate in the picture below?

hs08_0-1761267388191.png

 

Yes, for now I want to test using EAP-TTLS, and as far as I know we do not need any certificate with EAP-TTLS since EAP-TTLS uses a username and password as credentials, am I right?

Yes, but not a great idea as far as security goes.

Yes, I just want to test EAP-TTLS first and then continue to EAP-TLS. So the error I am facing now is not because of a certificate issue. What should I check next?

Does the endpoint trust the ISE EAP server or no? That error log is unfortunately very vague. Is the client configured correctly? What is the access method? I'm still confused about why you want to use EAP-TTLS at all. Why not use certificates?

https://cs.co/ise-berg#entra 

Thanks for your concern regarding EAP-TLS.

Here is my configuration.

 

 

Are you using Windows 10/11 by any chance? I have seen Microsoft enforce stricter rules regarding certificates, so I am wondering if, by missing the "checked box" of the Trusted CA that signed your ISE certificate, you are having those connectivity issues. AT LEAST for EAP-TLS, it is mandatory to have the CA that signed the ISE certificate checked in the Windows profile.

EAP-TTLS.png

 

 

 

Hi..

Yes, I already downloaded the certificate from ISE, installed the certificate on the workstation, and use this certificate in EAP-TTLS.

hs08_0-1761700155662.png

hs08_1-1761700269738.png