We have recently come across an issue where our Windows clients are getting prompted to enter a username/password when connecting to our corporate network. Nothing has been changed on our environment and its been working fine until a few weeks ago. The only change is users have been upgraded to Windows 10 1909, nothing has changed on ISE.
I have looked through the logs and we're getting an event "5400 Authentication Failed" "11514 Unexpectedly received empty TLS message; treating as a rejection by the client", screenshot of the error attached.
Has anyone else come across this issue and have you been able to resolve it.
This seem to be a certificate issue. check on ISE certificate tab if EAP authentication certificate is expired. if it down you need to generate a new CSR on ISE and get this signed by your CA. once Signed from your CA upload the cert on ISE. This will fix the issue.
The purpose of this document is to demonstrate how ISE authenticate / authorize a user that uses a smart card (PIN + Certificate) and password mechanism to login their system. This document describes the components used for this setup, configuration of IS...
For all versions of the Email Security Appliance (ESA) and Security Management Appliance (SMA), some Secure Sockets Link (SSL) certificates issued from the QuoVadis root certificate authority (CA) trust chain before 2021-03-31 cannot b...
Automation and programmability for networking and security are increasingly important topics. Every release since ISE 1.2 has included new REST API capabilities to better automate and integrate ISE with the rest of your network, appli...
The latest iteration (v2.3.4) of the Cisco Secure Firewall Migration Tool adds public beta support for S2S VPN migrations from ASA:
Policy-based (crypto map) Pre-Shared key authentication type VPN configuration to Firepower Management Center
Cisco Defense Orchestrator (CDO) is a cloud-based, multi-device manager that manages security products like Adaptive Security Appliance (ASA), Firepower Threat Defense next-generation firewall, and Meraki devices, to name a few.
We make improvement...