Showing results for 
Search instead for 
Did you mean: 

Unable to authenticate SSL VPN Web Portal using ISE and RSA



After implementing ISE, we are unable to authenticate to the SSL VPN Web Portal using ISE and RSA.

Our setup is as follows, our Cisco 5545-X vpn concentrators make a call to ISE when a user log in, then ISE is a client of our RSA server for radius. In RSA, we show a successful connection but, in ISE we see a rejection.

It appears the issue is ISE related. This is only happening with the web portal. Normal client vpn works successfully. 

Any advice? 

Cisco Identity Services Engine

11001 Received RADIUS Access-Request
  11017 RADIUS created a new session
  15049 Evaluating Policy Group
  15008 Evaluating Service Selection Policy
  15048 Queried PIP - DEVICE.Device Type
  15048 Queried PIP - Radius.NAS-Port-Type
  15006 Matched Default Rule
  15041 Evaluating Identity Policy
  15006 Matched Default Rule
  15013 Selected Identity Source - RSA_RADIUS
  24609 RADIUS token identity store is authenticating against the primary server - RSA_RADIUS
  11100 RADIUS-Client about to send request - RSA_RADIUS
  11101 RADIUS-Client received response - RSA_RADIUS ( Step latency=2054 ms)
  24612 Authentication against the RADIUS token server succeeded - RSA_RADIUS
  24623 User record was cached - RSA_RADIUS
  22037 Authentication Passed
  24423 ISE has not been able to confirm previous successful machine authentication
  15036 Evaluating Authorization Policy
  15048 Queried PIP -
  15048 Queried PIP - Network Access.EndPointMACAddress
  15048 Queried PIP - EndPoints.LogicalProfile
  15048 Queried PIP - MDM.DeviceRegisterStatus
  15048 Queried PIP - Session.PostureStatus
  15048 Queried PIP - Network Access.EndPointMACAddress
  15048 Queried PIP - EndPoints.LogicalProfile
  15004 Matched rule - Default
  15016 Selected Authorization Profile - DenyAccess
  15039 Rejected per authorization profile
  11003 Returned RADIUS Access-Reject

0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: