Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1649
Views
5
Helpful
2
Replies

Wired Domain Computer and User 802.1x being logged as MAB when using RDP/Remote VPN

laurathaqi
Level 3
Level 3

‎06-29-2021 01:07 AM

Dear community, 

 

I have configured 802.1x for domain computers and users, to authenticate via EAP-TLS and for some switches that do not support EAP-TLS, I have configured PEAP. 

 

Have done tests on both cases and successful logs and policies are applied when logged in Windows machine directly from office. However there is the issue of RDP login as following: When I log in via RDP to that supplicant, ISE reads it as MAB thus applies MAB Policies. 

 

Same problem happens when logging in via Remote Access VPN. 

 

Do you have any idea why this is the case and/or how to troubleshoot further?  

 

Looking forward to hearing from you. 

 

Thank you,

Laura 

 

0 Helpful
2 Replies 2

hslai
Cisco Employee
Cisco Employee

‎07-05-2021 08:10 AM

On remote desktop, see 802.1x user authentication fails when an RDS connection comes in.

On VPN, this depends on the VPN head-end, the VPN client used, and how your policy rules configured.

laurathaqi
Level 3
Level 3

‎07-13-2021 11:47 PM

Hi all, 

 

RDP was not being read as dot1x, thus failing to MAB. Turns out Windows does not support dot1x on RDP connections, thus not triggering dot1x. NAM or EasyConnect are other options possible to be used.  

 

Hope it helps someone. 

 

Best wishes,

Laura 

0 Helpful
Customers Also Viewed These Support Documents