cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Who Me Too'd this topic

Beginner

Massive EAP abondon and Radius packet already in progress errors

I have been troubleshooting massive issues in my ISE 1.2 lab, all of a sudden authentications are rather not working or taking a very long time.  I originally thought that adding a new piece of switching equipment may have been the cause of the issue.  At times my workstations and laptops could authenticate but most they time they couldn't, and mobile devices could never authenticate.

During some testing I joined one of my wireless networks that use a Test policy set that has hardly any rules in it, I noticed that there was no authentication issues when this policy set was used, but my production policy sets all had the same problem.  I then went to review the logs for the MDM and noticed the ISE was not able to get client status off the MDM.  I checked and the MDM and the ISE are no longer communicating as there seems to be an issue with the MDM.  I changed all my policies to not do any MDM checks, and all my latency and authentication issues where fixed.  For some reason if any rules within the policy set use the MDM or if you are hitting a policy that is lower down in the policy set after an MDM check, you will have massive issues with the authentication.

I hope this may help someone else who is hitting this issue and struggling; rather disable or remove MDM checks from your policies or get your MDM and ISE communication back up ASAP.

Who Me Too'd this topic