cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

1367
Views
0
Helpful
1
Replies
estadlercisco
Beginner

Windows 7 supplicant issues

I'm having an issue with a windows 7 device and 802.1x authentication only on boot. If i enable and disable the network adapter authentication succeeds and AnyConnect is able to check the machine for posture. If I don't toggle the port the device is MABd. the machine authentication happens then once the user logs in the user has to toggle his NIC.

Information:

Windows 7 SP1

All 802.1X patches installed from here: https://supportforums.cisco.com/blog/12256681/getting-past-intermittentunexplained-8021x-problems-windows-7

Using the native Windows supplicant 

Set to Machine or user authentication

EAP-TLS with machine and user certificates

Troubleshooting steps:

Uninstalled JunOS pulse VPN client

tried restarting wired autoconfig service without toggling the NIC, this changes the behavior slightly but doesn't fix it completely.

Collected debugs

I collected some debugs from the 2960X running 15.2.2e6 when the machine booted up and attached them to this post

1 REPLY 1
nspasov
Cisco Employee

I have seen this problem before and it was in fact due to missing Windows Hotfixes. The outlined list in the link that you provided has some but not all of the ones that I had to use in the past. Here is the link that I have used before and had always resolved my issue(s) when deploying ISE:

http://robert.penz.name/555/list-of-ieee-802-1x-hotfixes-for-windows-7/

Give those a try and let us know if you are still having issues.

Thank you for rating helpful posts!

Content for Community-Ad