cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
233
Views
0
Helpful
1
Replies
Beginner

Cisco ISE 2.3 patch5 COA fails for wired connection

Issue description: when user starts-up pc and login , anyconnect scans and says user is compliant but the user doesn't get intranet or internet access then after a while fails over to mab.
- Authc session on switch shows user is in posture redirect phase
- ISE shows users is posture-pending.
When the user unplugged and plugged back Ethernet cable , user immediately gets intranet and internet access.
 

Overview

Event5411 Supplicant stopped responding to ISE
UsernameUNIDOMAIN\fade
Endpoint IdBX:35:5B:88:89:2E 
 
Endpoint Profile 
Authentication PolicyDefault
Authorization PolicyDefault
Authorization Result 

Authentication Details

Source Timestamp2019-08-29 09:27:05.011
Received Timestamp2019-08-29 09:27:05.01
Policy Serverhq-ise-psn
Event5411 Supplicant stopped responding to ISE
Failure Reason12937 Supplicant stopped responding to ISE after sending it the first inner EAP-MSCHAPv2 message
ResolutionVerify that supplicant is configured properly to conduct a full EAP conversation with ISE. Verify that NAS is configured properly to transfer EAP messages to/from supplicant. Verify that supplicant or NAS does not have a short timeout for EAP conversation. Check the network that connects the Network Access Server to ISE. Verify that supplicant supports and has a properly configured inner EAP-MSCHAPv2 method and user/machine credentials.
Root causeSupplicant stopped responding to ISE after sending it the first inner EAP-MSCHAPv2 message

 

 

I hope i can get some help, thanks

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Cisco Employee

Re: Cisco ISE 2.3 patch5 COA fails for wired connection

please work through TAC to troubleshoot issues, also please check our anyconnect guide for posture https://community.cisco.com/t5/security-documents/ise-posture-prescriptive-deployment-guide/ta-p/3680273
1 REPLY 1
Highlighted
Cisco Employee

Re: Cisco ISE 2.3 patch5 COA fails for wired connection

please work through TAC to troubleshoot issues, also please check our anyconnect guide for posture https://community.cisco.com/t5/security-documents/ise-posture-prescriptive-deployment-guide/ta-p/3680273