07-23-2020 12:08 AM
Hi,
Does this means the laptop didn't log in to AD OR logout from his laptop? Thus failing dot1x authentication?
Thanks!
07-23-2020 12:40 AM
it depends where you seeing the message.
look at the troubleshooting guide of ISE :
07-23-2020 08:47 AM
Most of the time, if you see "username" in the radius live logs as the identity, then it's also accompanied with the red indicator of a failed authentication. By default, the 2.4+ versions of ISE mask the radius username for failures with "username" to prevent the possibility of disclosing a users password that may have accidentally been typed in to the username input.
You can disable the username masking by navigating to the follow menu and selecting the checkbox "Disclose invalid usernames".
07-23-2020 09:21 AM
Hi,
Many thanks for yr precious advise!
I am fine to see the red color USERNAME in the radius log of failed dot1x auth. I am just wondering if the failed auth is due to logout from AD, expired certificate or not yet login to AD.
Could the possibility be ALL OF ABOVE?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide