cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
10547
Views
0
Helpful
12
Replies
Highlighted
Beginner

Authentication failed "5440 Endpoint abandoned EAP session and started new" error

Hello Guys,

i faced this error "5440 Endpoint abandoned EAP session and started new"when users try to authoticate to network ( wired 802.1X) with ISE 2.3 .

 

FYI: before rebooting client machine users can authenticate normaly to the network.

In event manager on windows 10 i have this error: "Unable to identify a user for 802.1X authentication"

any idea please ???

 

 Regards,

1 ACCEPTED SOLUTION

Accepted Solutions
Beginner

Re: Authentication failed "5440 Endpoint abandoned EAP session and started new" error

@raam, the "authentication mac-move permit" is on the switch side, and disabling the "EAP-TLS L-bit" is on the ISE side. What is the problem you're having?

12 REPLIES 12
VIP Advisor

Re: Authentication failed "5440 Endpoint abandoned EAP session and started new" error

Hi,

 

When the users stop responding to EAP reauthentication or start authentication while the NAD already have existing session, this message gets generated. Exmaple, when the endpoint hibernate and comes back online.

 

On the switch try the command 'authentication mac-move permit'. This will enable the NAD to terminate the existing 802.1x session and starts new one when a request is received while there is an existing session for the endpoint. 

 

Also, there are couple of bugs related to windows 7 which can generate this message on ISE. Worth checking if they are applicable to windows 10. Here you go.

 

https://supportforums.cisco.com/t5/security-blogs/getting-past-intermittent-unexplained-802-1x-problems-on-windows/ba-p/3104109

 

Please remeber to rate useful posts.

Beginner

Re: Authentication failed "5440 Endpoint abandoned EAP session and started new" error

thank you for your response !

i will see tomorrow this command can resolve the problem or not.

 

VIP Advisor

Re: Authentication failed "5440 Endpoint abandoned EAP session and started new" error

To set the expectations, the log will still pop but machine should
authenticate with this command
Beginner

Re: Authentication failed "5440 Endpoint abandoned EAP session and started new" error

hi,

the problem persist with this command.

 

Regards,

Beginner

Re: Authentication failed "5440 Endpoint abandoned EAP session and started new" error

hello,

it works fine with NAM cisco Annyconnect.

 

Regards,

VIP Advisor

Re: Authentication failed "5440 Endpoint abandoned EAP session and started new" error

Can you create the issue or is it random? Did you try to install the
hotfixes which I mentioned.
Beginner

Re: Authentication failed "5440 Endpoint abandoned EAP session and started new" error

go to:
policy > resoult > AUTHENTICATION > allowed protocol > default Network access and DISABLE "EAP-TLS L-bit" under "allow eap-ttls"


Let me know if this will fix your problem
Beginner

Re: Authentication failed "5440 Endpoint abandoned EAP session and started new" error

And news in this issue? Did it solve the problem of disconnections?

Beginner

Re: Authentication failed "5440 Endpoint abandoned EAP session and started new" error

as said in the previus post, disabiling "eap-tls l-bit" fixed the problem for me.
rgds
Beginner

Re: Authentication failed "5440 Endpoint abandoned EAP session and started new" error

It also worked for me

Beginner

Re: Authentication failed "5440 Endpoint abandoned EAP session and started new" error

Hi Can you please tell me which place are you telling this settings on PC or on ISE side?

 

Thanks

Beginner

Re: Authentication failed "5440 Endpoint abandoned EAP session and started new" error

@raam, the "authentication mac-move permit" is on the switch side, and disabling the "EAP-TLS L-bit" is on the ISE side. What is the problem you're having?